Extremely Critical Firefox Advisory: Update!

[MicrotechXP]

Another flaw has been posted to Secunia, a trend for the past few days at least, to show that the Mozilla 'honeymoon' is over and that it's browser is as vulnerable as any other popular one on the market. Previously Mozilla had a good track record for being one of the more secure browsers, simply because it wasn't used enough. That all changed when Mozilla released Firefox, people now work around the clock finding its holes and exploits, with a larger userbase being affected.

It's important to note however that this exploit affects Unix/Linix systems, not Windows and today's 1.0.7 release contains a fix. Mozilla deserve credit and have repeatedly shown they are quick to respond to its exploits.

Peter Zelezny has discovered a vulnerability in Firefox, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the shell script used to launch Firefox parsing shell commands that are enclosed within backticks in the URL provided via the command line. This can e.g. be exploited to execute arbitrary shell commands by tricking a user into following a malicious link in an external application which uses Firefox as the default browser (e.g. the mail client Evolution on Red Hat Enterprise Linux 4).

View: The Secunia Advisory
View: MicroTechXP Forum Disscusion
Download: FF 1.07 Update
News Source: MicroTechXP

 

[forza]

Thanks for that. I had to go back to IE for a while because the images kept messing up in 1.5 BETA 1. I get to go back to ff, YAY.

 

[MicrotechXP]

Your Welcome. Just to warn you som things will not work sith the new version.

 

[Spartan Erik]

[waits until IE 7 comes out]

whistling in the meantime, using IE 6
theres no need for any other browser if it already works and i have the protection i already need..

 

[TheJeffsta]

What an egg! Internet Explorer contains more security exploits than all Mozilla products put together - sheesh!.

Anyways, thanks for the information MicrotechXP. Have you found out / Do you know what the things that dont really work properly are?

I know that FTP in Firefox has been totally useless and inefficent, but the same with the current Internet Explorer.

 

[Brandon]

Yeah look how many IE SP are relased in a month. They just never tell you.

 

[Spartan Erik]

for you firefox users..

http://news.yahoo.com/s/nf/20050922...iUjtBAF;_ylu=X3oDMTBiMW04NW9mBHNlYwMlJVRPUCUl

it has 2x more flaws than ie, but ie's flaws are more severe

 

[MicrotechXP]

Yup. Now that people are going to use Opera and FF now there will be more bugs for them than IE.

 

[stealth_thunder]

FF forever last forever and thanks for the alert must tell all my friends about this update all they would not update thanks again