Slashdot Mirror


Firefox 0.10.1 Released, Fixes Security Hole

_xeno_ writes "Firefox 0.10.1 was released today to fix a security flaw that could potentially allow a malicious site to erase files from the user's Download directory. If you already have Firefox 0.10 installed, you can go to Tools, Options, and choose Advanced, go to Software Updates and choose Check Now to grab the patch."

7 of 441 comments (clear)

  1. Re:done already! by doofusclam · · Score: 0, Troll

    Which means nothing. The important factor is whether that exploit is in the wild.

    It's fairly irrelevent as far as this vulnerability is concerned, but is a fact that is generally thrown at Windows users on slashdot, so I thought i'd write it...

  2. Nope by DogDude · · Score: 0, Troll

    What you're seeing are the results of this program.. people are finding bugs, submitting them, and the bugs are being fixed before blackhats can exploit them.

    That's not what I'm seeing. I had a spam with a .vbs file in it nuke my Thunderbird inbox lat night. And the email was never even opened, or previewed. Second time that happened. So much for Mozilla security.

    --
    I don't respond to AC's.
  3. Re:This may sound stupid... by bonhomme_de_neige · · Score: 0, Troll
    1. Suppose your download directory isn't dedicated to just downloads. Any files in that directory are vulnerable.

    What else would it be dedicated to? Come on, let's be reasonable and face the facts - there's close to zero probability that there'd be anything in there you couldn't just download again. Of course, I'm not saying they _shouldn't_ have patched it, but it's hardly a vulnerability worth getting all excited about.

    --
    "Why are you watching the washing machine?"
    "I love entertainment, as long as it's clean"
  4. Re:This may sound stupid... by bonhomme_de_neige · · Score: 0, Troll

    What's 4gb? A day of downloading on ADSL? Assuming you're going to need _all_ of those again... but chances are you won't need 90% of them since by the time you need to install that software again new versions will be out which you'd have downloaded again anyway...

    --
    "Why are you watching the washing machine?"
    "I love entertainment, as long as it's clean"
  5. Re:These hurt... by The_Quinn · · Score: 0, Troll
    "You must not be aware that the mozilla foundation has put out a bounty where they reward security researchers $500 for finding critical remotely-exploitable vulnerabilities and reporting them."

    $500? WOW! I can just see the organizations and individuals dedicating all their free resources to finding firefox bugs to claim that rich bounty!

    You must be right ... That $500 dollar reward must be spurring a vast, unrelenting search that we are seeing the results of. We should consider $500 dollar rewards for all the worlds problems!

  6. A Problem With Firefox? by comrade009 · · Score: -1, Troll

    I'm sorry, but wasn't Firefox the web browser that slashdot hyped to be better than Jesus? Like, infallible? Unlike the satan worshipping developers working on Explorer? This isn't flamebait, but seriously, don't think that Firefox is automatically perfect because it doesn't come from Microsoft. (Yes, I spell it Microsoft, not Micro$oft, or Micro(swastika)oft)

  7. Re:Automatic stuff == bad security by Anonymous Coward · · Score: -1, Troll

    "Stop with the FUD"???? YOU stop with the FUD jackass. I've pointed a real issue, it is NOT FUD!! Just because you don't like an issue you can't call it FUD. Get the fuck out of here, dipshit.

    And yeah, I HAVE "addressed the need." I HAVE pointed out a real problem. And no, jackass on a high horse, I ain't fixing it because I'm not part of the firefox team and I'm busy working on other projects. I.e. I'm being useful in other projects, AND being useful with firefox by pointing out a weak area. YOU on the other hand, do nothing but try to turn a real issue into "FUD". You're a fucking moron, go rot in hell.