Firefox Update Closes Security Holes


Recommended Posts

Firefox Update Closes Security Holes, Thunderbird Still Vulnerable

Erik Larkin

The latest update to the open-source browser shores up a number of security risks, including some that Mozilla says could be exploited by an attacker to run commands on a vulnerable computer. But the flaws still affect the current Thunderbird release, 2.0.0.19.

One of the bugs involves a library used for PNG images, and could presumably be triggered by a poisoned image on a Web page. The second would be harder to exploit, as its description says you'd have to reload a page specially crafted to target a memory management flaw to get hit.

The other critical flaws could potentially allow an attacker to crash the program and run arbitrary code, which usually means installing malware.

These risks all affect the Thunderbird e-mail program as well as Firefox, but the Mozilla advisories says the Thunderbird fixes won't come until version 2.0.0.21. Thunderbird is only at 2.0.0.19 right now.http://www.pcworld.com/article/160787/fire...vulnerable.html

and http://secunia.com/advisories/34145/

>>>>>>>>>>>>>>>>>>>>

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...