VTLGlobal an offshore web design and project development company

home   about us - services - resellers - careers - contact us
  Questions? Call 866.925.7563
 
VTL-offshore development news

 
» Home » News/Press releases  

Firefox Update Closes Security Holes

 

March 06, 2009

The latest update to the open-source browser shores up a number of security risks, including some that Mozilla says could be exploited by an attacker to run commands on a vulnerable computer. But the flaws still affect the current Thunderbird release, 2.0.0.19.

One of the bugs involves a library used for PNG images, and could presumably be triggered by a poisoned image on a Web page. The second would be harder to exploit, as its description says you'd have to reload a page specially crafted to target a memory management flaw to get hit.

The other critical flaws could potentially allow an attacker to crash the program and run arbitrary code, which usually means installing malware.

These risks all affect the Thunderbird e-mail program as well as Firefox, but the Mozilla advisories says the Thunderbird fixes won't come until version 2.0.0.21. Thunderbird is only at 2.0.0.19 right now.

Until the Thunderbird fix comes around, users should be able to to mitigate the first risk with PNG images by only loading images in trusted e-mails. The others can be evaded by making sure Javascript is disabled in mail (the default setting).
    Archive
    March 2009
     
    February 2009
    January 2009
    December 2008
    November 2008
    October 2008
     
     
 

Custom software development | Software outsourcing to India | Offshore employee leasing | Custom web development | Custom web site designing | Web marketing
SEO | Employee leasing options | Remote staffing options | Customer support | Privacy policy | FAQs | Contact us | Sitemap
Demo | Vtlglobal-Partners | Resources | Link Exchange | Links | Link2.....