- 10 Microsoft research projects
- 10 kitchen gadgets for the geek gourmet
- Verizon trounces competition
- Smartphone smackdown: Storm vs. iPhone
- FBI warns of holiday cyber scams
A new update for the Firefox browser fixes an unusual vulnerability that could cause malicious code to run if the browser is launched by Microsoft's Internet Explorer.
The critical vulnerability involves Internet Explorer's ability to launch other applications such as Excel or Firefox after a user clicks on a specially written link in a Web page. Explorer does not properly check the syntax of the link, which could allow a malicious link to attack Firefox if launched, according to Mozilla, the open-source project that develops Firefox.
Microsoft said it didn't feel it was an issue for Explorer. Either way, Firefox's 2.0.0.5 release fixes the problem by now validating incoming data. The update will automatically be pushed out to Firefox 2.0 users via the built-in update system, Mozilla said in an advisory.
The update also fixes seven other vulnerabilities, two of which are considered "critical" by Mozilla. One problem, labelled 2007-18, is a memory corruption problem that could cause arbitrary code to run on a machine. The other, 2007-21, could also allow arbitrary code to run.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comments (3)
browers updatesBy Anonymous on October 30, 2008, 8:41 pmfirefox is my home page. yet yahoo says to update browers. here i am
Reply | Read entire comment
Mozilla steps upBy Micronet on July 19, 2007, 4:43 pmwe ran a story, "who's to blame?" when the bug was reported. http://www.networkworld.com/news/2007/071107-whos-to-blame-for-browser.html It didn't take long for...
Reply | Read entire comment
RE: Firefox update fixes problem with Internet ExplorerBy Dr. Bill Harvey on July 19, 2007, 12:46 pmThere is a vast supply of information on this Web Page, and I certainly thank the person or persons responsible for establishing it to anyone who is able to log...
Reply | Read entire comment
View all comments