Announcement

Collapse
No announcement yet.

File Deletion Flaw In Firefox Fixed

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    File Deletion Flaw In Firefox Fixed

    The Mozilla Foundation's Firefox stand-alone browser, which has been riding a wave of defectors from the security-plagued Internet Explorer, has a bug of its own, the open-source group recently announced.



    Firefox suffers from a vulnerability that could allow hackers to delete all the files in the Download directory, which by default in Windows is set to the Desktop. To exploit the flaw, the attacker would have to entice a user to download a file from a Web site.

    Users can avoid the issue by canceling unexpected file save prompts as well as any from an untrusted site, said the foundation. Users should also right-click download links, then use the "Save link as" selection in the pop-up menu.

    http://www.internetweek.com/breaking...cleID=49400533
    ManagerJosh, Owner of 4 XenForo Licenses, 1 vBulletin Legacy License, 1 Internet Brands Suite License
    Director, WorldSims.org | Gaming Hosting Administrator, SimGames.net, Urban Online Entertainment
    Tags: None
  • #2
    Thanks for the update, I will soon get the nightly build and update once more.

    Comment

    • #3
      Users can avoid the issue by canceling unexpected file save prompts as well as any from an untrusted site, said the foundation.
      Well, duh... anyone who doesn't already do that is an idiot.

      Comment

      • #4
        you can do an update.

        Tools -> Options -> Advanced -> Software Update -> Check Now

        its set to do it every few days automatically but your best to do it now.
        Scott MacVicar

        My Blog | Twitter

        Comment

        • #5
          Hmmmm Scott... I have Firefox 0.9.1 and tried to do what you said to download the latest version, but it said no updates available... ??

          Do I have a problem?
          John

          Comment

          • #6
            You would have to download the full package. 0.9.1 is already obsolete so they most likely will not release an update for it.
            Translations provided by Google.

            Wayne Luke
            The Rabid Badger - a vBulletin Cloud demonstration site.
            vBulletin 5 API

            Comment

            • #7
              hmm... I thought I had the full package...?
              John

              Comment

              • #8
                What I love is that I got this 2 days ago in an auto-update. Thank god firefox implemented this feature. It also shows a little icon just below the minimize button too when updates are available
                Last edited by Dean C; Tue 5 Oct '04, 10:37am.
                Dean Clatworthy - Web Developer/Designer

                Comment

                • #9
                  Amazing how windows does this too.

                  Comment

                  • #10
                    Originally posted by TheMusicMan
                    hmm... I thought I had the full package...?
                    0.9.3 and 1.0PR have been released since you downloaded your version. Auto Updates didn't really work well until 1.0PR though.
                    Translations provided by Google.

                    Wayne Luke
                    The Rabid Badger - a vBulletin Cloud demonstration site.
                    vBulletin 5 API

                    Comment

                    • #11
                      Originally posted by TheMusicMan
                      Hmmmm Scott... I have Firefox 0.9.1 and tried to do what you said to download the latest version, but it said no updates available... ??

                      Do I have a problem?
                      Yes, download PR1.0(as much as I hate it). The auto-update didn't work in previous versions.
                      TheologyWeb. We debate theology. srsly.

                      Comment

                      • #12
                        Originally posted by Dean C
                        What I love is that I got this 2 days ago in an auto-update. Thank god firefox implemented this feature. It also shows a little icon just below the minimize button too when updated are available
                        Yes, by the time I learned of this security issue the other day, Firefox had already got me to install the update.

                        It's too clever by half!
                        MARK.B
                        vBulletin Support

                        Comment

                        • #13
                          Originally posted by TheMusicMan
                          Hmmmm Scott... I have Firefox 0.9.1 and tried to do what you said to download the latest version, but it said no updates available... ??

                          Do I have a problem?
                          Originally posted by Wayne Luke
                          You would have to download the full package. 0.9.1 is already obsolete so they most likely will not release an update for it.
                          It's really because the autoupdate got a complete overhaul and even, I believe, changed the very method used, between 0.9 and 0.10.
                          "63,000 bugs in the code, 63,000 bugs, you get 1 whacked with a service pack, now there's 63,005 bugs in the code."
                          "Before you critisize someone, walk a mile in their shoes. That way, when you critisize them, you're a mile away and you have their shoes."
                          Utopia Software - Current Software: Utopia News Pro (news management system)

                          Comment

                          Previous template Next
                          widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                          Working...
                          X