Tumblr 101: Tips And Tricks To Get Started
Sebastian Thrun: Google's Driverless Car
Firefox 3 vulnerability, 8 million people affected!
If you were one of those 8 million people that downloaded Firefox 3 the other day be aware that Tipping Point DVLabs has announced a vulnerability in Mozilla's latest browser.Details are unknown but in order for this exploit to work, you'll have to visit a site with the malicious code and click the infected link. Zero Day rates the severity as "High" and it effects both version 2 and 3 of the popular internet browser. Mozilla has acknowledged the security issue and should have a patch issued in its 3.0.1 release shortly.
With the amount of beta testing that's been done on Firefox 3 it makes you wonder why something like this slipped by?
In the mean time, be careful of where you click and make sure Firefox is set to auto update.
Comments
13
Subscribe to commentsjames.skittJun 20th 2008 1:29PM
I think it slipped by because someone found it in beta testing but didn't release it until after the final version was released, just to make the headlines etc
karlynhuzJun 20th 2008 1:41PM
this is kind of "why i love Opera so much!!!" :P
BigBossSNKJun 20th 2008 1:40PM
"8 million people affected!"
So, by your account, you get affected by a vulnerability just by it existing. You know, without anything happening to your system.
Just be more careful in your phrasing next time, huh?
BrandonJun 20th 2008 2:45PM
Exactly what I was thinking...
keevesJun 20th 2008 3:04PM
If it affect versions 2 and 3 then a lot more than 8 million people are "affected", and also no matter how much beta testing version 3 had received, if it is present in the earlier version then there is no grantee it would be spotted, in exactly the same way it was missed previously.
cdavenport4Jun 20th 2008 2:03PM
In my opinion, there's not a piece of code that not susceptible to hacking. I think the Mozilla team has done an excellent job.
RocketboyJul 3rd 2008 8:53AM
Let me guess, you would not be so forgiving if "Micro$oft" did the same thing...
TushJun 20th 2008 2:40PM
There's always going to be exploits, you can never make it full-proof.
karlynhuz: agreed, I love Opera as well.
HornyJun 20th 2008 2:52PM
Does this mean no RedTube until 3.0.1 realease ;)
Asa DotzlerJun 20th 2008 3:24PM
The details of the flaw _have_not_been_released_ Is that really that difficult to understand? All software has flaws. All complex software has security flaws. Someone found a security flaw in Firefox 2 and Firefox 3 and they submitted that flaw to Mozilla in private so that users would not be harmed and Mozilla could fix it.
They also did a sort of press release announcing that they were cooperating with Mozilla on the flaw but they did not "release" the details of the flaw and so users are at minimal risk.
web design companyJun 21st 2008 4:34AM
uh oh... glad I've been a little too busy to DL it...
DougJun 21st 2008 11:29AM
Usually read engadget, but sometimes check out other blogs mentioned at the bottom. Such poor writing is so rare at engadget. Echoing other comments: Are people "affected!" when it's a private sharing of a security flaw? Since when does beta testing involve trying to hack the software?
This article reads like it was written by someone in high school; and with an even lower degree of awareness of software development than many in even that age bracket. Quite inappropriate to imply a (likely obscure) security flaw "slipped by" their beta testing process, when this is never the intent.
Joshua IssacJan 11th 2009 2:39PM
Firefox, insecure as ever.