Slashdot Mirror

← Back to Stories (view on slashdot.org)

Firefox and IE Still Not Getting Along

Posted by Zonk on from the kids-kids-kids dept.

juct writes "Heise describes a new demo showing how Firefox running under Windows XP SP2 can be abused to start applications. For this to work, however, Internet Explorer 7 needs to be installed. This severe security problem promises another round in the 'who-is-to-blame-war' between Mozilla and Microsoft. Mozilla currently is leading the race for a patch, as they have one ready in their bugzilla database. 'The authors of the demo note that there are many further examples of such vulnerabilities via registered URIs. What is so far visible is just "the tip of the iceberg". They state that registered URIs are tantamount to a remote gateway into your computer. To be on the safe side, users should, in the authors' opinion, deregister all unnecessary URIs - without, however, elucidating which are superfluous.'"

19 of 207 comments (clear)

  1. No problem by Anonymous Coward · · Score: 5, Funny

    IE is the better browser. Just use that one.

    1. Re:No problem by PenguSven · · Score: 4, Funny

      It's the industry standard protocol used by Professional Fishermen and Giant Squid alike to catch salmon and tuna.

      --
      What is...?
  2. Obviously firefoxs fault by SolusSD · · Score: 5, Funny

    All the intertwined security problems HAVE to be caused by firefox, right? I mean-- Microsoft surely knows how to write applications using their own APIs on the operating system *they* developed.

    1. Re:Obviously firefoxs fault by Selfbain · · Score: 2, Funny

      So it was just following orders you're saying. I'm not sure that defense works.

      --
      Well, it has never been successfully tested.
    2. Re:Obviously firefoxs fault by jez9999 · · Score: 5, Funny

      Browser: "Feed that dog."
      OS: *gets out gun and shoots dog dead*
      Browser: "WTF? What did you do that for?"
      OS: "You told me to."
      Browser: "I told you to feed it!"
      OS: "Yeah, I changed the definition of that yesterday to 'shoot dead'."

      --
      == Jez ==
      Do you miss Firefox? Try Pale Moon.
    3. Re:Obviously firefoxs fault by TrebleMaker · · Score: 5, Funny

      for example, could be set in the registry to "shutdown -s -f -t 0" Honestly, I read that as "shutdown -s -t -f -u" the first time.

      --
      In Soviet Russia a beowulf cluster of these things imagines you welcoming your new, neural-network overlords.
    4. Re:Obviously firefoxs fault by Spy+der+Mann · · Score: 4, Funny

      Microsoft surely knows how to write applications using their own APIs on the operating system *they* developed.

      If by "developing" you mean "IT'S ALIVE, IGOR!! IT'S ALIVE!!!", then, yes, I agree with you! :)

  3. Re:both of these browsers are gay by Anonymous Coward · · Score: 0, Funny

    Lynx is a furry, though. Would you rather be gay or a furry?

  4. No Microsoft Software has Bugs by Cassini2 · · Score: 2, Funny

    Microsoft software does not have bugs. They have "undocumented features". It is a feature that Internet Explorer 7 works this way. When properly embraced, it extends the operating system with new features, and extinguishes all problems.

    Be positive about these features!!! :-)

  5. !Root by rustalot42684 · · Score: 4, Funny

    Maybe if they weren't running as root *all the time*, they wouldn't have so many problems.

  6. Didn't work for me... by supremebob · · Score: 4, Funny

    I tried this on my computer, and the mailto: tag ended up getting redirected to my GMail account. Thanks, Google Toolbar!

    Once again, Google saves the day! Is there nothing that Google can't do? :)

    1. Re:Didn't work for me... by Anonymous Coward · · Score: 1, Funny

      Is there nothing that Google can't do? :)

      Alas, it can't get me laid =(

  7. Re:Errr by GreenEnvy22 · · Score: 2, Funny

    I believe that would be one from the William Shatner school of grammar.

  8. Yea, pretty much. by SatanicPuppy · · Score: 2, Funny

    Worst sentence I've read in a while, and during lunch I had to listen to a friend copyediting some weenie who routinely left out the verbs in his sentences.

    Elucidate and superfluous are dross from a word of the day calendar; the english major equivalent of e-penis. Three seperate comma seperated subclauses in the sentence. Overuse of the passive voice. The use of an uncommon acronym (URI) can perhaps be forgiven since it's Slashdot. Hyphens are hard to use well, and should NOT be used unless you know exactly what you're doing.

    How about this: "In the author's opinion, users should deregister all unnecessary URIs. He does not, however, give instructions on how to do so."

    --
    ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
    1. Re:Yea, pretty much. by SatanicPuppy · · Score: 4, Funny

      Actually I was being ironic on purpose. I guess I feel like I have to prove that I'm not against their word choice simply because their bombastic verbiage outstrips my linguistic comprehension, but rather because their grandiloquent ostentation obfuscates their actual meaning. (---E-penis +10 bitches! ;)

      Never understood the obsession with big words. The point is to be understood, right? There are times when it is more elegant to use the word that has the exact nuance of meaning that you're trying to convey, but for the most part it's a lot more effective to use a word that everyone will understand.

      --
      ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
  9. Re:Not just Firefox. by griffjon · · Score: 4, Funny

    as stated in the article. It's the handling of the NULL (%00) byte.

    At the risk of abusing a double negative, Windows can't even do nothin' right.

    --
    Returned Peace Corps IT Volunteer
  10. Code for the patch by Lost+Penguin · · Score: 3, Funny

    Set WshShell = WScript.CreateObject("WScript.Shell")
    intReturn = WshShell.Run("del c:\windows\iexplore.exe")
    WshShell.Popup "Windows is now secure."

    --
    I am the unwilling control for my Origin.
  11. Re:its worth noting by Headcase88 · · Score: 5, Funny

    I dare you to try to make an OS that isn't strongly integrated with / dependent on an internet browser. It's as hard as making a toaster that can't wash dishes, but can somehow still toast bread.

    --
    "When the atomic bomb goes off there's devastation...but when the atomic bong goes off there's celebraaaaation!"
  12. just forgot to inform you about a default param by someone1234 · · Score: 2, Funny

    bool FeedDog(int amount, bool lead=true);

    --
    Patents Drive Free Software as Hurricanes Drive Construction Industry