Slashdot Mirror

← Back to Stories (view on slashdot.org)

Firefox 0.10.1 Released, Fixes Security Hole

Posted by CowboyNeal on from the hole-in-the-dam dept.

_xeno_ writes "Firefox 0.10.1 was released today to fix a security flaw that could potentially allow a malicious site to erase files from the user's Download directory. If you already have Firefox 0.10 installed, you can go to Tools, Options, and choose Advanced, go to Software Updates and choose Check Now to grab the patch."

5 of 441 comments (clear)

  1. Re:done already! by doofusclam · · Score: 0, Troll

    Which means nothing. The important factor is whether that exploit is in the wild.

    It's fairly irrelevent as far as this vulnerability is concerned, but is a fact that is generally thrown at Windows users on slashdot, so I thought i'd write it...

  2. Nope by DogDude · · Score: 0, Troll

    What you're seeing are the results of this program.. people are finding bugs, submitting them, and the bugs are being fixed before blackhats can exploit them.

    That's not what I'm seeing. I had a spam with a .vbs file in it nuke my Thunderbird inbox lat night. And the email was never even opened, or previewed. Second time that happened. So much for Mozilla security.

    --
    I don't respond to AC's.
  3. Re:This may sound stupid... by bonhomme_de_neige · · Score: 0, Troll
    1. Suppose your download directory isn't dedicated to just downloads. Any files in that directory are vulnerable.

    What else would it be dedicated to? Come on, let's be reasonable and face the facts - there's close to zero probability that there'd be anything in there you couldn't just download again. Of course, I'm not saying they _shouldn't_ have patched it, but it's hardly a vulnerability worth getting all excited about.

    --
    "Why are you watching the washing machine?"
    "I love entertainment, as long as it's clean"
  4. Re:This may sound stupid... by bonhomme_de_neige · · Score: 0, Troll

    What's 4gb? A day of downloading on ADSL? Assuming you're going to need _all_ of those again... but chances are you won't need 90% of them since by the time you need to install that software again new versions will be out which you'd have downloaded again anyway...

    --
    "Why are you watching the washing machine?"
    "I love entertainment, as long as it's clean"
  5. Re:These hurt... by The_Quinn · · Score: 0, Troll
    "You must not be aware that the mozilla foundation has put out a bounty where they reward security researchers $500 for finding critical remotely-exploitable vulnerabilities and reporting them."

    $500? WOW! I can just see the organizations and individuals dedicating all their free resources to finding firefox bugs to claim that rich bounty!

    You must be right ... That $500 dollar reward must be spurring a vast, unrelenting search that we are seeing the results of. We should consider $500 dollar rewards for all the worlds problems!

    --
    Mine is Good