Peaches Posted March 6, 2009 Report Share Posted March 6, 2009 Firefox Update Closes Security Holes, Thunderbird Still Vulnerable Erik Larkin The latest update to the open-source browser shores up a number of security risks, including some that Mozilla says could be exploited by an attacker to run commands on a vulnerable computer. But the flaws still affect the current Thunderbird release, 2.0.0.19. One of the bugs involves a library used for PNG images, and could presumably be triggered by a poisoned image on a Web page. The second would be harder to exploit, as its description says you'd have to reload a page specially crafted to target a memory management flaw to get hit. The other critical flaws could potentially allow an attacker to crash the program and run arbitrary code, which usually means installing malware.These risks all affect the Thunderbird e-mail program as well as Firefox, but the Mozilla advisories says the Thunderbird fixes won't come until version 2.0.0.21. Thunderbird is only at 2.0.0.19 right now.http://www.pcworld.com/article/160787/fire...vulnerable.html and http://secunia.com/advisories/34145/ >>>>>>>>>>>>>>>>>>>> Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.