First zero day exploit hits Firefox 3.6
Security specialists from Russia have exploited a security hole in the Windows version of Firefox 3.6. The recently discovered exploit could let an attacker take control of your PC. It doesn't appear to affect Firefox for Mac or Linux. The hole is likely still open, since no updates have been released since the exploit became public. Secunia ranks the problem as highly critical, and the Mozilla Foundation has yet to release an official statement or a patch.
It's not clear how widely circulated the exploit is. Extraexploit notes that there was a noticeable increase in the number of Firefox 3.6 crashes on February 12th and 13th. But it's impossible to say whether this was related to the exploit.
Make sure to check for Firefox updates more often, since the built-in update checker is very dull. Users with older versions of the Mozilla browser can update to Firefox 3.0.18 or Firefox 3.5.8.
[via The H Security]

Comments (9)
The_Doc, Feb 20th 2010 2:18PM
"...exploit for Windows XP (SP3) and Vista..."
Does that mean that computers running Windows 7 are safe? Or is 7 similar enough to Vista to still be vulnerable?
Oliver Komadina, Feb 20th 2010 2:23PM
Yes, it seems like the exploit only hits XP SP3 and Vista users.
The_Doc, Feb 20th 2010 3:24PM
Great, thank you
saudrapsmann, Feb 20th 2010 2:55PM
Looks like Firefox is the new IE.
Hurray for Chrome and Opera!
phez, Feb 20th 2010 10:50PM
Reiterating previous comments; don't expect a foolproof solution from any browser out there. A slice of common sense goes a long way.
Bugger, Feb 21st 2010 4:13AM
No doubt, it's time for the Fox to step up. It's starting to face the music.
As for Opera and Chrome, I'd like to see how secure they are when they have a double digit market share.
WebDevHobo, Feb 22nd 2010 2:22PM
Well that sucks. Here's hoping it gets fixed quick.
Money Mike, Feb 22nd 2010 3:35PM
"The recently discovered exploit could let an attacker take control of your PC."
I'm sorry, but that sounds incredibly scary. Can that please be patched pretty quickly - maybe just a little sooner than immediately?
On a side note, can I assume the memory leak has finally been plugged? I've been using Chromium for months now because... well, it's just so fast... and I'm really not losing functionality anymore.
I'm really starting to wonder when Firefox is going to entice me to come back.
Keith, Feb 22nd 2010 6:01PM
There are concerns posted to the Secunia web site that this may be a hoax. It isn't clear that anybody has been able to reproduce it yet.