Slashdot Mirror


2 Firefox Security Flaws Lead to Exploit Potential

Marthisdil points out a News.com story which reports that "Two vulnerabilities in the popular Firefox browser have been rated "extremely critical" because exploit code is now available to take advantage of them." Security firm Secunia reported the vulnerabilities (and the "extremely critical" rating is theirs), but the News.com story points out that thus far, "no known cases have yet emerged where an attacker took advantage of the public exploit code." Update: 05/09 20:20 GMT by T : Rebron of the Mozilla Foundation sends a correction; this is really the same flaw reported yesterday. He suggests that you glance at the Mozilla security alert on this hole (as well other alerts at the Mozilla Security Center), and says "The Mozilla Foundation has made changes to our update servers that will protect users from this arbitrary code execution exploit."

12 of 417 comments (clear)

  1. IE by blake3737 · · Score: 3, Funny

    I smell scandel, it was bill gates who wrote the code and you know it. IT's like the SetErrors flag in windows (Fp maybe?)

  2. And to think... by oskard · · Score: 5, Funny

    I JUST got through explaining to my parents why Firefox is a safer alternative.

    --
    Sigs are for Terrorists.
  3. Re:News for Nerds? by Anonymous Coward · · Score: 3, Funny

    You just missed it the first 3 times.

  4. LINUX USERS DON'T GET VIRUSES by Anonymous Coward · · Score: 4, Funny

    Mind you, they don't get laid, either.

  5. In other news... by Anonymous Coward · · Score: 2, Funny

    .. two unpatched security security holes (code named timothy and CmdrTaco) in Slashdot allowing posting of dupes were disclosed.

  6. ...obligatory by op12 · · Score: 4, Funny

    Welcome to Slashdot, you must be new here.

  7. Re:sorry.. by Taladar · · Score: 3, Funny

    Probably because lots of /. posters have to fix machines of relatives or at their work running IE.

  8. Re:Balanced? by utexaspunk · · Score: 4, Funny

    AMEN, BROTHER- this ain't the news desk, buddy, this is the nerd table in the high school cafeteria. Most of the time here is spent trying to make milk come out of eachother's noses...

  9. Preview Release by heymr.wilson · · Score: 2, Funny

    If you are still using the preview release 1.0, then it tells you there are no updates to be installed... guess you're safe there...hmmmm

    --
    --"They say time is the fire in which we burn"
  10. Re:sorry.. by grolschie · · Score: 2, Funny

    Well, I would agree, but then why does slashdot post every IE bug that comes up?

    Because serious IE security holes are popping up every other day. The front page at /. would be choked with all the posts. But seriously, we all know that MS are notoriously slow at patching security holes, so people need to know that... <insert swiss cheese reference here>.

  11. Re:sorry.. by shmlco · · Score: 4, Funny

    Probably because lots of /. posters now need to fix machines of their own running Firefox...

    --
    Any sect, cult, or religion will legislate its creed into law if it acquires the political power to do so.
  12. Re:Should not be exploitable any more by Just+Some+Guy · · Score: 2, Funny
    On Sunday, Mozilla Update was moved to an untrusted URL

    Erm, it doesn't happen to end in .cx, does it?

    --
    Dewey, what part of this looks like authorities should be involved?