subscribe
Firefox and IE Vulnerabilities Disclosed, But I am Protected
Word is that Michal Zalewski posted about 4 vulnerabilities on the Full Disclosure mailing list. Two are for Firefox, one is for IE 6 & 7, and one is exclusive to IE 6. The thing I love is that they require Javascript to run, and ever since a few months ago I have been using the NoScript Firefox extension to block sites from executing Javascript unless I specifically allow them. It’s a great way to stop these attacks. The only nuisance is having to allow scripts to run on certain sites you visit, but once you do it for each site you don’t have to do it again. And the alternative of not being protected is even worse and makes the extra effort worthwhile.
Mozilla is already discussing the Firefox bugs in their bugzilla tracking system. I wonder how long it will take for Firefox to fix these. I give it less than a week.
Get protected: NoScript for Firefox
Source: Full Disclosure
Tags: Firefox
Leave a Reply