Security vulnerability in Firefox

Started by Rik, Aug 14, 2007, 10:05:50

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

Rik

El Reg is reporting a potential problem with FF. "A security researcher has discovered a vulnerability in Firefox that could allow criminals to remotely siphon private information stored in plugins and call sensitive functions."

The report goes on to say, "A Mozilla spokesman said the organization is investigating the report. As usual, the best workaround in the interim is NoScript, provided the site exploiting site has not been authorized to run javascript. ®"
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Lance

It seems to me that the vulnerabilities in Firefox are appearing as quickly as they do in IE!
Lance
_____

This post reflects my own views, opinions and experience, not those of IDNet.

Rik

I suppose it's inevitable as the user base expands, Lance. :(
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Inactive

This was part of my reasoning for using Opera for online transactions, less users, so arguably less vulnerable, that's my theory, not sure if there is any strength in it. :laugh:
Anything and everything that I post on here is purely my opinion, it ain't going to change the world, you are under no obligation to agree with me, it is purely my expressed opinion.

Lance

Indeed it is.

What I like about it is that the people using FF, as they think it to be more secure than IE, are actually not that much better off!
Lance
_____

This post reflects my own views, opinions and experience, not those of IDNet.

J!ll


Rik

Not if you're careful what you do, Jill. For absolute security, run the NoScript add on.
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Ray

I will continue to use Firefox as Rik says also using the Noscript add-on.
I can't change to Opera as I use Roboform for storing my passwords and logins and Opera is one of the few Browsers that doesn't work with Roboform  :(
Ray
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

J!ll

Quote from: Rik on Aug 14, 2007, 13:25:41
Not if you're careful what you do, Jill. For absolute security, run the NoScript add on.

Oops, done, ta

Rik

One thing we shouldn't lose sight of is that there are no recorded attacks using this technique as yet, only a proof of concept. The chances are that, by the time anyone is in a position to exploit the vulnerability, it will have been patched.
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.