Last Saturday, March 8, the Mozilla Foundation
announced that a potentially critical security
vulnerability had been identified in the Firefox Web
browser and the Mozilla suite (consisting of the Mozilla
Web browser and other applications):
http://www.mozilla.org/security/announce/mfsa2005-42.html
This vulnerability exists even in the latest versions
of Firefox (1.0.3) and Mozilla (1.7.7) for multiple
platforms, including Microsoft Windows and Mac OS X. And
there is (at least) sample exploit code already published.
The security advisory at the URL above provides advice
about how to mitigate this vulnerability until a fix is
available. In brief: in Firefox and Mozilla, turn off
Javascript; and in Firefox, disable installation of
software from sites other than Mozilla's own sites.
(Note: turning off Javascript will disable some
functionality on some websites.)
(Apologies if this has already been posted and I've
somehow missed seeing it ...)
Aron Roberts
Workstation Software Support Group
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
Received on Wed May 11 10:54:05 2005
This archive was generated by hypermail 2.1.8 : Wed May 11 2005 - 10:54:07 PDT