Archived Weblog Entry - 09/18/2004: "Mozilla and Firefox security alert"

[Previous entry: "Phil Parlock"] [Main Index] [Next entry: "First link to DVBlog"]

09/18/2004 Archived Entry: "Mozilla and Firefox security alert"

Heads up, web surfers: CERT has just released a security advisory for the Mozilla and Firefox web browsers, and the Thunderbird email client. Multiple vulnerabilities

... could allow a remote attacker to execute arbitrary code with the privileges of the user running the affected application. ... [and] could also allow a remote attacker to crash an affected application.

The Mozilla organization has already relased patched versions of these products. No exploits are yet reported, but that's just a matter of time -- you should update your browser as soon as you can. (As an interim measure, the vulnerability allows an attacker to execute code with the user's privilege -- not system-wide privilege -- so you could create a new user account just for your web browsing.)

I guess it just goes to show...just because Microsoft owns a 95% market share for software bugs, doesn't mean they own them all.

brad