Mozilla released fixes for two critical security vulnerabilities Friday, which covered the way for hackers to begin malicious attacks that could crash a browser or take complete control of a user's computer.
The latest Firefox version 3.0.8, which initially was slated for release April 1, addresses critical errors affecting multiple versions of the Firefox 3 Web browser.
One of the critical Firefox updates repaired a critical flaw, made public during the renowned pwn2own contest at the CanSecWest 2009 hacker conference earlier in March that could allow hackers to launch a drive-by attack in the context of the browser.
The flaw was publicly demonstrated by a German hacker known only as Nils, 25, who successfully hacked the browser in exchange for a Sony Vaio machine running Windows 7.
The second critical bug, affecting Firefox version 3.0.7, stems from a XSLT vulnerability that resulted from improper handling of errors when transforming an XML document. The flaw, which was first brought to light by security researcher Guido Landi, could potentially be exploited by attackers who enticed unsuspecting users to open a malicious file using the affected Firefox browser. Once the victim viewed an infected file, attackers could then execute arbitrary code on the user's computer to crash the browser or initiate a denial of service attack.
While the execution of arbitrary code hasn't been proven in the XSLT flaw, it is also not entirely ruled out, Secunia researchers said in blog post.
Mozilla said in its advisory Thursday that it had been investigating both issues and was in the process of undergoing quality assurance testing for the impending fixes, implying that they would be forthcoming soon.
Security experts recommended that users update their browsers with the latest version of Firefox in order to protect vulnerable systems from attack. Additionally, Secunia researchers advised in a blog post that users avoid opening untrusted Web sites or clicking on unsolicited links, which might contain malware.
Some Related Search:
Browser Support Services
Firefox will not start after installing or updating McAfee SiteAdvisor
Outlook Live for IE, Firefox and Safari
Popular Posts
-
Microsoft has not only taken Exchange Labs, its hosted email service aimed at university and college users, to the next level, but also rebr...
-
Hard Disk failures have become commonplace and since it is prone to a lot of attacks, it has become an annoying computer problem. One way to...
-
affiliate marketing Configure whether you want tabbed browsing enabled or disabled in the Internet Explorer 7 web browser.By default, t... -
A computer support consultant is a seasoned consulting role which involves contract programming and system administration. Quite a tedious ... -
Features There may be manual fault or some unavoidable circumstances related with technical issues, when you lost your important home or bu... -
FACEBOOK has promised to fix a major privacy breach by this evening, after it was revealed the website was tracking users across the interne... -
Windows Key + Up Arrow or Down Arrow: This lets you maximize, minimize or resize the selected window. Windows + '+' and ': allow...
-
The title of the Internet Explorer window consists of the page title and the Internet Explorer window title. This post provide browser suppo...
-
affiliate marketing How to Restore a Hijacked Browser Browser hijacking is a online attack in which hackers take control on your comput...
-
If you have computer, then you have probably face these computer problems before. Once you purchase a computer, you must accept that sooner...
0 comments:
Post a Comment