Rik©

Mar 24 2005, 10:56 AM

Yesterday Mozilla (foundation) released another security update for Firefox.

QUOTE(Mozilla Foundation)

March 23, 2005, (Mountain View, CA). The Mozilla Foundation, a non-profit organization dedicated to preserving choice and promoting innovation on the Internet, today announced a security update for its Firefox Web browser. The update is a proactive security release to patch a bug identified by Internet Security Systems, a premier security research, products, and services company. No known exploits of the bug have been reported prior to the update's release.

Read the press release here.
Here is an article from ZDNet abouth this fix.

This release fixed 3 vulnerabilities (2 are critical)

So upgrade to v1.0.2 ASAP
or turn off image display and javascript and don't add any sidebar-panels

Greetz,
Rik©

 

 

 

Reply

Cif

Mar 24 2005, 05:03 PM

I've update all my computers...
Go firefox go

Reply

ReRush

Mar 25 2005, 01:10 AM

Heh, thanks for that. I'll be sure to update firefox.

Reply

Luigi

Mar 25 2005, 12:06 PM

I had to do that yesterday. A way to realise if you need to update your Mozilla is that a red symbol thing will appear to the top right corner of your Mozilla browser screen, that is how i realised i needed to update.

As has already been mentioned, keep up the good work Mozilla.

Reply

Carsten

Mar 25 2005, 02:05 PM

The red arrow is much better then an annoying system tray icon poping up every 30 minutes saying that you have to update. I love Firefox

Reply

=Savage=

Mar 25 2005, 04:16 PM

True carson, i hate it when the system tray pop-up. That is just plain annoying!

Like Luigi, I had to do the update yesterday, lucky i noticed the symbol on the browser.

I also love Mozilla browser, and am most appreciative for the work Mozilla do.

Reply

Latest Entries

Hamtaro

Apr 8 2005, 03:44 AM

Hmm..I never lost any of my settings when I updated Firefox...may have been because I didn't remove the older version. I still had all bookmarks, settings, and everything else. A patch COULD be more useful...the updates wouldn't take as long to download if they did that.

Reply

Casanova

Apr 8 2005, 02:35 AM

Mozilla needs to start making update patchs availible instead of forcing the user to re-download the entire problem. The only thing i dont like about firefox is that two times updating firefox caused me to losse all my bookmarks,extensions and other settings.

Reply

Izlude

Apr 5 2005, 09:57 PM

QUOTE(choetry @ Apr 2 2005, 07:29 PM)

Hey I face the same problem too. I downloaded the update and then my Norton Internet Security blocked firefox.exe (or something like that) and then lots of things popped up requiring me to choose the connection and stuff like that. In the end the browser loaded but couldn't connect to the internet, so I had to uninstall the 1.0.2 and install the old version again. Anyone know what's wrong with mine? Sorry I am a technology noob (is this word allowed here?).

Im sorry I cant help you with the norton internet security because I have not tested it yet, but try to find a feature to unblock 'firefox.exe' forever (like an exception list or something like that). Basically you are trying to upgrade your browser and norton doesnt want you to.

Dont even worry about being new mate we're here to help.

Reply

guangdian

Apr 3 2005, 06:43 AM

Fire?Now really using it.
Will Update right.
Just take a look of mozilla.rog .

Reply

Got an Opinion! Express your Views! (no registration):-
Add your Reply/ Opinion/ Views/ Comments/ Suggestion/ Questions/ Queries etc.
Posts with decent grammar & English will be accepted and please refrain from profanities.
For asking a Question, We recommend you to sign-up (for free) so that you can track the topic easily.

Nature of your Post*:		Opinion/ Reply/ Comments Question/Query Feedback to us.
Name			Email
Title/Question*
(Maximum characters: 10,000) You have characters left.
Confirm Code:

1. Mozilla: Firefox Plugin Shipped With Malicious Code - (3)
2. Hackers Focus Efforts On Firefox, Safari, And Office - (1)

   QUOTE Many people are switching from Internet Explorer to alternative browsers such as Firefox
   and Safari. Though that might make them feel more secure, the shift has also opened new doors for
   bad guys. Case in point: We have no IE bugs to report this month, but both Firefox and Safari have
   been hit hard. So forget the idea that just because you've switched to a new browser,
   you're magically safer. You may be for a time, but to stay safe with any software, you need to
   keep current with fixes. Firefox Holes In a somewhat dubious recognition of Firefox's...

3. Cpanel Exploit - security hole in cPanel to hack the servers of a hosting company (8)

   A pair days ago I read this new on Slashdot: cPanel Exploit Used to Circulate IE Exploit
   QUOTE "In a dangerous combination of unpatched exploits, hackers have used a previously
   undiscovered security hole in cPanel to hack the servers of a hosting company and use hundreds of
   hijacked sites to infect Internet Explorer users with malware using the unpatched VML exploit.
   cPanel, whose hosting automation software is used by many large hosting companies, has issued a fix.
   It's a local exploit, meaning the attacker must control a cPanel account on the target hosti...

4. White Paper: Security Threat Report: 2008 - (0)

   I saw this white paper and I thought I bring down some interesting information that has come from
   2007 and leading into 2008. I have to say though that the information on this white paper is pretty
   darn mind blowing as I bounce some facts to everyone. Of course since I been getting into this
   since last year it is not all that surprising since I posted many topics about it as well.
   -Sophos currently sees 6,000 new infected webpages each day -One infected page every 14 seconds
   -Only about 1 in 5 of these sites is a hacker site -83 percent are hacked sites, or legitima...

5. Opera, Firefox Bug Could Reveal Web Travels - (0)

   OH NO!!! (sarcasm there) QUOTE A flaw in the way the Firefox and Opera browsers
   handle an image file could allow an attacker to see what Web sites a person has visited. The
   problem concerns how the two browsers handle a ".BMP," or bitmap, image file, according to an
   advisory written by Gynvael Coldwind of Vexillium.org, who posted a video illustrating the problem.
   A malicious bitmap file can be created that pulls other information from the browsers' memory.
   Some of the information that can be captured is random, but at other times could be valuable...

6. Is There An Exploit In Vista Home Premium To Make Firefox Permanant Default Browser? - (4)

   I just got a new laptop, and of course it's loaded with vista. Everything works awesomly!
   (my last PC was from 2001, BIG DIFF.) But the damned thing compulsivly and automatically sets
   Internet Explorer to my default browser and won't let me change certain things which browsers
   will typically handle. 've manually changed it so Firefox handles all the stuff except HTTPS
   and what not (CANNOT CHANGE W/O HACK!), but IE just bumps in every time I want to click a link
   from a non-browser based file /sad.gif" style="vertical-align:middle" emoid=":(" border="...

7. Security Warning 2008: Top 11 Malware Threats To Watch Out For - (0)

   Before I go into this topic I have to say, stop making up these crazy names. I know I just getting
   into the security side of things but still as long as there are computer problems and ways to sucker
   someone into downloading the stuff, the crazy names will still live on. QUOTE Lieware
   ADVERTISEMENT In 2007, there was a lot of "rogue anti-virus software," which is sometimes also
   referred to as "fake anti-virus software." But these terms are confusing because there's too
   much negation going on. Fake anti-virus software is not anti-virus software at all. So what ...

8. New Security Hole Discovered In Excel - (0)

   Well I have to same I am bit surprise on this security flaw especially what it can do; in which all
   a user has to do is open a malicious Excel document and it allows the hackers to execute remote code
   on to your system. As far as how wide spread this vulnerability is, it hits every excel software
   from Excel 2000 to Excel 2003 SP2, and it also includes the Mac Version of Excel 2004 as well. OF
   course with the disappointment of Office 2007 by some people will still be running the 2003 versions
   on their computers. Right now the attacks are minimal and the question for t ...

9. Security Commom Sense - (0)

   A very good article titled "Security Common Sense" in gnucitizen.org Below is the link to that
   article http://www.gnucitizen.org/blog/security-common-sense Website Link
   http://www.gnucitizen.org "We basically train a bunch of monkeys to click the yes button for
   every security warning." Don't you think many of us fall under the category? because most of
   the time we do not see what the dialog says, but press Yes, which might not treat you well
   sometimes... A good read....

10. Symantec's Top 10 Internet Security Trends Of 2007 - (3)

    Well I saw this article and after reading it all just to find the top 10 security problems I thought
    I share them and give my thoughts about them. I know I know its horrible but what can I say, its me
    /laugh.gif" style="vertical-align:middle" emoid=":lol:" border="0" alt="laugh.gif" />. 1.) Data
    Breaches For the most part I am not surprise especially the big stories of 2007 which include the
    TJ Max breach of 45 million credit/debit cards; I believe that has been the biggest hack job ever in
    terms of stolen cards and id theft (somewhat). Oh lets not forget the al...

11. Linux Security Tools - (5)

    Hi, I've posted some security tools and links in my last posts,I preferd to post new topic and
    send he extra here : Network Sniffers # DSniff http://www.monkey.org/~dugsong/dsniff/ #
    Ethereal - full network protocol sniffer/analyzer http://www.ethereal.com/ # IPTraf - curses based
    IP LAN monitor http://iptraf.seul.org/ # TcpDump - network monitor and data acquisition
    http://www.tcpdump.org/ # KISMET - 802.11 wireless network detector, sniffer and intrusion
    detection system http://www.kismetwireless.net/ Online Tools # AutomatedScanning.com - commer...

12. Iphone Update Disable Hacked Phones - (5)

    After reading the article it is obvious what the update was for besides adding in new services and
    updates, however, it took all of what, two weeks to hack the IPhone? So I doubt it will that long
    to figure out what apple change to disable the hack phones. I found this particular quote amusing,
    "...company officials insisted they were "not proactively" trying to make hacked iPhones useless."
    Heck I would if I knew I would be losing millions of dollars a month on a phone that that was hacked
    and used by another phone provider, but like I said earlier it won't take ...

13. Hole In Microsoft Messenger Program Requires A Immediate Update - For Users of MSN Messenger 6.2, 7.0 and 7.5 versions of MSN Messenger (0)

    SOURCE Well it seems that Microsoft found a huge hole in MSN Messenger that was bad enough that
    they want people to upgrade to the current Messenger which is Live 8.1 or something like that. As
    for details on the problem they just said the following, "..which let hackers embed malicious code
    in Web chat invitations to users." and that they found this problem in "6.2, 7.0 and 7.5, as well as
    Windows Live Messenger 8.0." Although it was interesting to know that people were actually
    complaining about Live Messenger being a resource hog, well the last time I check msn w...

14. Security Firm Kaspersky Lab Creates Ipod Virus - (1)

    With the flood of news coming about the .ani exploits it seems the tech world is recieve more news
    about new hacks, viruses and other bad stuff these days. Today Kaspersky Lab created a virus that
    is able to affect the Ipod, however, it is only affecting Ipod's that have linux installed and
    not the standard OS that comes with Ipod. The virus goes by the name of Podloso, although they say
    it doesn't show a current threat this virus does show the possiblity to install malware into
    devices such as the Ipod. They also mention that the virus does not copy it self...

15. Microsoft Update Program Being Used By Hackers - (6)

    Although I am bit surprise that no one really take about way back then, but it seems the hackers and
    crackers I starting to use the microsoft update downloading to transmit there malware and torjans to
    compromised computers. The reason being is that the Microsoft update program bypasses firewall
    security protocals and so when that malware is getting download, your firewall and virus programs
    will not pick it up. I know a few people turn it off and either download them manually or don't
    download them at all. So to toss out a warning, when you get he windows update ...

16. Firefox Flaws Galore - (7)

    Well it seems firefox flaws are becoming a popular now, the two flaws that have been reported all
    follow the same protocol that had posted about before; QUOTE The flaw lies in Firefox's URL
    handler component.. Like the first flaw, this one could be exploited by attackers to launch
    programs on the victim's PC without authorization, said Tyler Reguly, a security research
    engineer at nCircle Network Security Inc. "They're both related to the URL handling process," he
    said "It's just different errors within that handling process." So far it would se...

17. Interesting New Ie - Firefox Bug ( A Must Read Asap) - FF 2.0.02 and up users need to know about this (3)

    Well it has finally happen and strangely enough I didn't really think about it until now, but it
    seems a security team found a very high level bug that requires both Internet Explorer 7 and
    Modzilla Fire Fox. This is the jist of the bug; QUOTE The root of the matter is a Firefox
    uniform resource identifier (URI) that allows Web sites to force Firefox to launch with the
    "firefoxurl://" URI, Secunia reported. The way in which the URI handler is registered by Firefox
    causes any parameter to be passed from IE (or another application) to Firefox when the "firefoxurl...

18. Security Guidelines For Internet Users - (6)

    Security Guidelines for Internet Users 1. Install an anti-virus software, you can free ones like
    AVG Free . Ensure that it's regularly updated - this is of the utmost importance. 2.
    Anti-virus software is not enough, the security can be tightened using a firewall software which
    will help you prevent unauthorized incoming and outgoing communications from your computer while
    connected to the Internet. 3. Disconnect your computer from the Internet when not in use. The
    longer you are connected to the Internet, the more opportunity you give for persons to gain un...

19. Php Security Vulnerability - Beware From Spammers - If you notice your site becoming really slow, you may be a victim (1)

    QUOTE PHP Security If you are using PHP on your website we ask that you please read the
    following carefully. We have noticed a significant number of PHP websites are being compromised
    due to vulnerable PHP code. Spammers are scanning millions of websites on the Internet looking for
    PHP scripts that can be exploited to send spam. When they find a script that has a loophole they
    send thousands of email messages through the script, often taking down the website or severely
    impacting website performance. Generally these loopholes exploit code using paramet...

20. Major Flaw In .ani File Found In Windows 98 Through Vista Creates Major Security Risk - Vista Aint that Secure at all (9)

    I was able to browse around this and found it interesting since this vunerability is found in 4
    Microsoft Operating Sytems, Windows 2000, Windows XP, Windows Vista, Windows 2003 Server. From the
    article Microsoft stated that their is a hole in the .ani files, which happen to be related tothe
    mouse cursor, when the mouse icon changes depending on what you do. They only mention that with
    this flaw it always hackers to break into someone computer and do their thing. But in another
    article relating to this attack it was mention that in order for this to happen a user has ...

21. Brand New Security Holes Found And Patch On This Month Updates And Office Exploits - (0)

    Even though the fiasco with the .ANI exploit is still going strong microsoft released it's month
    updates this time they found 4 more critical breaches in it's systems (XP), most people should
    have gotten the update pop up screen yesterday. So here is the info on these critical flaws.
    http://go.microsoft.com/fwlink/?LinkId=84687 http://go.microsoft.com/fwlink/?LinkId=85130
    http://go.microsoft.com/fwlink/?LinkID=85163 http://go.microsoft.com/fwlink/?LinkID=85164
    http://go.microsoft.com/fwlink/?LinkId=80251 I don't know how reliable vista will be af...

22. Zero-day Firefox Exploit - (5)

    Link to Article: http://news.com.com/Hackers+claim+zero-day..._3-6121608.html Thought this was
    interesting. Really caught me offgaurd, didn't expect such a huge flaw on a GPL based program.
    Whats even more scary is they said they have about 30 other flaws found......

23. Windows Crashing. Can't Use Opera Or Firefox - deleted files in temp folder (3)

    Windows has been acting strangely by now, it freezes/clogs badly, I can't use Opera, MF or
    continue my tutorials due to this problem. It gets on my nerves as I think it was MY problem because
    I deleted MOST of the files in the Temp folder. CODE (Start>Run...>%Temp%)
    That folder, most of the files were deleted by me. I consulted my friend by half-screwed MSN, he
    said I "effed me up the arse" by doing that. He recommended me backing up and formatting. I never
    did that before so I think it will be most-likely half-impossible for me. And as I d...

24. A Very Simple Security Tip - for Windows 2000/XP (13)

    We all know the difference between a limited user and an administrator user under Win2k/XP - you
    can't/can install major software, perform system maintainence, and other stuff. But using a
    limited user on a day-to-day basis also provides you with decent protection from a bunch of threats:
    if the malware is running under your limited-rights user, it can only do as much as you can. For
    instance, a limited rights user can't edit the HKLM hive of the Registry, so any malware running
    under the same user won't be able to touch that area. It's extremely simple t...

25. List Of Security Sites - (7)

    List of security sites, I'll try to update the list as soon as I can . with compilations of
    recent security threats, Global Incident Analysis Center (GIAC), GIAC training, and Reading Room
    http://www.sans.org/ http://www.infragard.net/ http://www.cert.org/security-improvement/
    CERT Security Improvement Modules,including general information on firewalls and intrusion
    detectors. excellent set of papers on firewalls, viruses, e-commerce, etc. http://www.icsa.net/
    http://www.gocsi.com/ (Source of the annual "CSI/FBI Computer Crime and Security Su...

26. Security Not Safe - (2)

    Hi everyone!!!!!!! This is the last one!! /tongue.gif"
    style="vertical-align:middle" emoid=":P" border="0" alt="tongue.gif" /> Ok guys, I heard
    somewhere that if we protect some page with password, it is steel not safe at all, if we dont hace a
    secure connction (http s ://...) How is it true? is there a posibility that some one can see a page,
    even if it is protected by password? (the scrit in tha page don't allow IDs that didn't past
    from the login page) is that script sufficent? thanks a lot to every one /biggrin....

27. Rootkits - the security threats that no one's heard of (2)

    a security threat to be concerned with is the increasing prevalence of viruses containing advanced
    rootkits to hide their actions or data on the computer. even from the anti-stuff tools. a
    rootkit was originally a name for tools that hackers/crackers would use to maintain root on
    unix/linux machines. root is the uber user with all the permissions on a linux box. on windows
    these tools can be used to hide data on the harddrive and in the registry by manipulating the way
    the data is stored. THe windows api(the thing windows uses to communicate to the hardware) read...

28. Light To Heavy Security Tips - Some (helpful?) Suggestions (4)

    (excessively long intro, skip to 'suggestions' for immediate tips) Its almost 2 am and I
    just finished an email detailing some ideas I had to keep systems a little more secure than usual (
    tips that can be applied to most any Windows users system ). I dont feel like re-editing it so it
    doesnt sound I copied and pasted it from my email, cause I did, and its late. Please note THIS IS
    NOT SPAM. I did write all of this, just in an email before I copied and pasted it here. These are
    entirely valid and ( I hope ) helpful tips for most anyone. Of course I hate just yap...

29. Firefox Exploit - (0)

    QUOTE Earlier this week, I blogged about a site doing a bunch of different exploits, depending
    on what you are running. One of the things the site will do is detect if you have Firefox, and
    attempt to exploit it, using the InstallVersion.compareTo() vulnerability. Read More with
    images Already found to be copying and pasting. Take this time to review our forum rules. Warning.
    ...

30. Microsoft Ships First Vista Security Patches - yup, got that right -- VISTA (9)

    Microsoft Ships First Vista Security Patches http://www.eweek.com/article2/0,1895,1911406,00.asp
    QUOTE Microsoft Corp. has shipped the first critical security update for Windows Vista, the
    next version of its flagship operating system. Over the weekend, the company released patches for
    beta testers running the Windows Vista December CTP (Community Technology Preview) and Windows Vista
    Beta 1, and warned that the new operating system was vulnerable to a remote code execution flaw in
    the Graphics Rendering Engine. A Microsoft spokesperson told eWEEK that the Vi...