Even Mozilla/Firefox is vulnerable

[jrdavid68]

Mozilla and Firefox Update Fixes Vulnerability

It's time to update your browser, though this time the problem is not with Internet Explorer, but with Mozilla and Firefox running on Windows. As described in the eWeek article at http://www.eweek.com/article2/0,1759,1621463,00.asp a flaw in the way Mozilla and Firefox handled links containing the shell: suffix could allow a malicious web site to run arbitrary code on the visitor's system. We advise you to upgrade to Mozilla 1.7.1 or Firefox 0.9.2 to patch this vulnerability. Alternatively, you may install the patch from http://ftp.mozilla.org/pub/mozilla.org/mozilla/releases/mozilla1.7.1/shellblock.xpi.

For more information about this vulnerability and ways of addressing it, please seehttp://mozilla.org/security/shell.html. This URL also points out that Thunderbird, an email client that's part of the Mozilla suite, is vulnerable, and explains how you can address the Thunderbird vulnerability as well.

[id10t]

"We have confirmed that the bug affects only users of Microsoft's Windows operating system. The issue does not affect Linux or Macintosh users."

Nice to see how quickly Open Source software can be audited by others... and fixed promptly.

[Porsche-O-Phile]

Open source rocks.

DOWN WITH THE MAN!!!

[nostatic]

Quote:

Originally posted by id10t
" The issue does not affect Linux or Macintosh users."

will windoze users ever get tired of the bs?

[RickM]

Quote:

Originally posted by nostatic
will windoze users ever get tired of the bs?

I probably wont switch from Windows any time soon but the crap is getting old. I recently dumped IE from my suite of home software.