Unpatched Firefox Flaw May Expose Users

Corrado writes "CNET is reporting on a new Firefox flaw." From the article: "The problem lies in the way Firefox handles Web links that are overly long and contain dashes, security researcher Tom Ferris said in an interview via instant messaging late Thursday. He posted an advisory and a proof of concept to the Full Disclosure security mailing list and to his Security Protocols Web site...The public bug disclosure comes just as Mozilla released the first beta of Firefox 1.5. The final release of the next Firefox update, which includes security enhancements, is due by year's end, according to the Firefox road map."

Tell all your friends!

[CyricZ]

If you have gotten your non-techie friends to switch to Firefox, be sure to tell them about this problem and the possible fixes. Indeed, it is very important that Firefox be kept up to date on as many computers as possible, even if it means a short trip to install it for somebody. Nothing will hurt Firefox's reputation more than unpatched installations being exploited.

Re:Tell all your friends!

[killproc]

"If you have gotten your non-techie friends to switch to Firefox, be sure to tell them about this problem and the possible fixes. Indeed, it is very important that Firefox be kept up to date on as many computers as possible"

Not trying to troll here, but...

Couldn't the same be said for IE or any other browser? If you have non-techie friends that could be vulnerable on any platform, wouldn't letting them know how to check for security updates be the right thing to do?

Should you let them flounder and possibly become zombies for some nefarious spam network because they don't use your "preferred" browser?

Personally, I use Mozilla at home because I like it much better, and encourage all my friends to do the same, but I'm not above recommending security updates to those who choose not to use Mozilla/Firefox.