Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

New Vulnerabilities Discovered in Firefox 1.0

samzenpus posted more than 9 years ago | from the protect-yourself-at-all-times dept.

Mozilla 406

jflint writes "Today, the security firm Secunia has released 8 more security vulnerabilities it has discovered in Mozilla products, including Firefox and Thunderbird. The exploits "could be used by criminals to spoof, or fake, various aspects of a Web site, ranging from its SSL secure site icon to the contents of an inactive tab.""

cancel ×

406 comments

Sorry! There are no comments related to the filter you selected.

First (4, Funny)

Anonymous Coward | more than 9 years ago | (#11829720)

It's open source so it will get fixed quickly post.

ooh your good (-1, Troll)

Anonymous Coward | more than 9 years ago | (#11829797)

I shall be following your career.

While eating cheese.

Yes, that's right. Following your career WHILE eating cheese. At the SAME TIME.

Wonders never cease.

Re:ooh your good (0)

Anonymous Coward | more than 9 years ago | (#11829889)

What kind of cheese?

Do not doubt the importance of this fact!

Re:ooh your good (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11829965)

I hate cheese.

My first boyfriend had cheese under his foreskin.

I liked it, but my mom said it makes you fat.

New Discovery? (5, Interesting)

fembots (753724) | more than 9 years ago | (#11829721)

Today, the security firm Secunia has released 8 more security bugs it has discovered in Mozilla products, including Firefox and Thunderbird. [......] If you have downloaded the Firefox 1.0.1 update, you have nothing to worry about

Firefox 1.0.1 update was out before today, so did Secunia just look at what 1.0.1 update fixes and release its "bug" report, or did they discover something new to 1.0.1?

Re:New Discovery? (4, Insightful)

chrisbtoo (41029) | more than 9 years ago | (#11829764)

Chances are that they found the 8 bugs in 1.0, reported them to Mozilla, who kept it quiet and fixed them for 1.0.1.

I guess this is trumpet-blowing from Secunia, together with an advisory as to how important it is to upgrade to 1.0.1.

Re:New Discovery? (0)

Anonymous Coward | more than 9 years ago | (#11829769)

Did you perhaps think that they _told_ mozilla.org people before so it wouldn't cause havoc?? Thats what a real security company should do.

Re:New Discovery? (3, Insightful)

darkmeridian (119044) | more than 9 years ago | (#11829800)

The thing that sucks is that there is no update button in Firefox 1.0. Well, there is, but it only updates the Extensions when I run it. That could lead the average user to believe that they have already updated their browser. Will this be fixed in Firefox 1.1? Or should I file it?

Re:New Discovery? (1, Informative)

Anonymous Coward | more than 9 years ago | (#11829813)

Uh, they started rolling out the 1.0.1 updates. Run it again, you might get it.

Re:New Discovery? (5, Informative)

Daniel Boisvert (143499) | more than 9 years ago | (#11829846)

The update button showed up for me today. I clicked it and it ran me through the download and install of 1.0.1. The automatic update was intentionally delayed because of server capacity issues; apparently they've got them sorted out now.

Re:New Discovery? (2, Informative)

MattJakel (815179) | more than 9 years ago | (#11829877)

The thing that sucks is that there is no update button in Firefox 1.0. Well, there is, but it only updates the Extensions when I run it. That could lead the average user to believe that they have already updated their browser. Will this be fixed in Firefox 1.1? Or should I file it?

It looks like [mozillazine.org] they are aware of these problems and are working on them.

Re:New Discovery? (4, Informative)

juhaz (110830) | more than 9 years ago | (#11829897)

There is.

Asa mentioned something about server problems and activating the update for 1.0.1 later, and indeed it did show up today. Granted, it's a week since the release and that's a long time for security update... And windows-only apparently, though Linux users probably update trough their native package systems anyway.

His blog [mozillazine.org] has more.

Re:New Discovery? (5, Insightful)

einhverfr (238914) | more than 9 years ago | (#11829840)

I personally am grateful to Secunia for helping to look at Firefox's security the way that we should be.

Like it or not, we need these sorts finding vulnerabilities before the bad guys. No software is 100% secure. But any software has a security record better than IE.

Re:New Discovery? (0)

Anonymous Coward | more than 9 years ago | (#11829894)

Yeah or maybe designing a web browser isn't as easy as it's made out to be, now is it?

Its out? (0)

ad0gg (594412) | more than 9 years ago | (#11829869)

Really? I just went to check for updates button in the extensions manager and it says there are no updates for firefox. How am I suppose to know it got released? Better question, how are my parents suppose to know it got released? They don't read slashdot or any other technology news source.

What the hell? (5, Informative)

Anonymous Coward | more than 9 years ago | (#11829722)

Why is Slashdot linking to some guy's blog that no one has heard of rather than the actual Securnia advisories [secunia.com] page? The blog entry doesn't even link there! I don't even see how this is a story since Firefox 1.0.1 [slashdot.org] has already been covered on Slashdot, and these vulnerabilites were announced then [mozilla.org] .

Re:What the hell? (5, Funny)

AndroidCat (229562) | more than 9 years ago | (#11829814)

Firefox 1.0.1? What the..?! Windows Update never mentioned a thing about that, must be broken!

Re:What the hell? (0)

Anonymous Coward | more than 9 years ago | (#11829822)

Is that a blog site or a FUD site? It looks to me more like a FUD site. It's handling the slashdot crowd without a peep. Far too much bandwidth for a random blogger no one has heard of.

Re:What the hell? (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11829913)

One word: adwords

gnaa.us! (-1, Flamebait)

Anonymous Coward | more than 9 years ago | (#11829724)

firefos is teh suck. FP!

Uh oh...slashdot's being spoofed! (0, Troll)

TelJanin (784836) | more than 9 years ago | (#11829725)

"Nothing for you to see here. Please move along."

Guess I'll have to get a more secure browser, like IE

...only affects v1.0 (2, Informative)

Tumbleweed (3706) | more than 9 years ago | (#11829726)

If you have downloaded the Firefox 1.0.1 update, you have nothing to worry about. The Mozilla 1.7.6 and Thunderbird 1.0.1 released should be out this week as well.

No worries, just keep your browser updated.

Re:...only affects v1.0 (1)

LiquidCoooled (634315) | more than 9 years ago | (#11829760)

Has the automatic update kicked in yet?

I ask because when they released 1.0.1 the updater was postponed for a week to prevent the servers from overloading.

Re:...only affects v1.0 (1)

Tumbleweed (3706) | more than 9 years ago | (#11829839)

I think it has - I was seeing some autoupdate popup things going on with it last night as I was using it, but never got around to investigating it to make sure that's what was going on.

Re:...only affects v1.0 (1)

owlstead (636356) | more than 9 years ago | (#11829847)

The answer seems to be no. In advanced there is a button [check] (which does not work correctly, click multiple times). Maybe they should add torrent functionality to download signed updates or something similar.

Re:...only affects v1.0 (3, Informative)

_xeno_ (155264) | more than 9 years ago | (#11829927)

Supposedly. By my reading of Asa's blog [mozillazine.org] , if you use the en-US version (most of Slashdot), then you should be able to get an update. Specifically, check out the entries localized 1.0.1 updates [mozillazine.org] and another try at update [mozillazine.org] .

However, I use the en-US version, and my Firefox refuses to auto-update. So it doesn't appear to be working for everyone. (I'm behind a firewall, if that matters.)

Re:...only affects v1.0 (1)

grennis (344262) | more than 9 years ago | (#11829870)

Excuse me? First it was "No worries", and now it is "Now worries but keep your browser updated".

If I have to keep tabs on secunia and worry about grabbing the latest hotfixes, I may as well be using IE.

Re:...only affects v1.0 (1)

gordgekko (574109) | more than 9 years ago | (#11829911)

I'm rather unimpressed with Firefox today. The update button popped up this afternoon yet the update itself was dated Feb. 25. I realize they didn't want a mass stampede to their server but that means a heck of a lot of people were unprotected (and remain unprotected) if they don't habitually check /. or Mozilla.org to see if there are new versions available.

They greeted this security update better than Microsoft usually does...but not much better.

Re:...only affects v1.0 (0)

Anonymous Coward | more than 9 years ago | (#11829914)

OK, but I need to redownload the whole app.
There are really no patches for Firefox 1.0.

As an aside, it would be best to come up with a patch mechanism for Firefox, instead on relying upon users going to check the mozilla page every once in a while (and maybe failing to notice that the "Download" link now discreetely says 1.0.1 instead of 1.0). That is, if a confortable user experience is one of the goals for Firefox...

Re:...only affects v1.0 (1)

idamaybrown (584881) | more than 9 years ago | (#11829962)

"No worries, just keep your browser updated." Thats what they say about IE!

firefox sucks (-1, Flamebait)

Anonymous Coward | more than 9 years ago | (#11829731)

like my penis on coke

MOD PARENT DOWN. PARENT IS A TROLL! (1)

Joey Patterson (547891) | more than 9 years ago | (#11829798)

Re:MOD PARENT DOWN. PARENT IS A TROLL! (0)

Anonymous Coward | more than 9 years ago | (#11829811)

Do we have a "-1:Stating the bleeding obvious" mod?

MOD PARENT UP, GRANDPARENT DOWN, REPLIES DOWN (2, Funny)

SirJaxalot (715418) | more than 9 years ago | (#11829874)

MOD GREAT GRANDPARENT UP

Re:MOD PARENT DOWN. PARENT IS A TROLL! (0)

Anonymous Coward | more than 9 years ago | (#11829844)

Please tell me you're trying to get bad karma.

first (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11829735)

first

patch here (5, Funny)

Coneasfast (690509) | more than 9 years ago | (#11829736)

you can find the patch here [microsoft.com] . ;)

Re:patch here (4, Informative)

Anonymous Coward | more than 9 years ago | (#11829794)

don't mod parent as troll, it's a joke, a parody of the fact that someone posts a link to firefox when there is a IE vul. story.

oh forget it, some of you mods are dumber than a deck of cards.

Re:patch here (2, Funny)

Anonymous Coward | more than 9 years ago | (#11829872)

oh forget it, some of you mods are dumber than a deck of cards.

I am a deck of cards, you insensitve clod!

Here we go... (0, Flamebait)

MarkMcLeod (759072) | more than 9 years ago | (#11829737)

How long before Microsoft jumps all over this, and uses it as yet another FUD related reason not to use Open Source software...

Re:Here we go... (5, Funny)

hawks5999 (588198) | more than 9 years ago | (#11829780)

I actually got an email from a friend of mine on the redmond campus warning me to be careful since I use that dangerous firefox browser about 3 hours ago. I told him I wouldn't believe it until I saw it on slashdot! :D

Ah well (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11829739)

At least with FireFox they'll be patched up within a few days. Unlike Microsoft which waits until half the world has been screwed over...

Emergency! (5, Funny)

Peter_Pork (627313) | more than 9 years ago | (#11829743)

Oh my God! I'm switching back to Internet Explorer right away!

Re:Emergency! (3, Funny)

someonewhois (808065) | more than 9 years ago | (#11829783)

Uhh, insightful? I think it was meant to be funny..

Re:Emergency! (5, Funny)

kagelump (812908) | more than 9 years ago | (#11829883)

uh... funny? i think this meant to be informative

Re:Emergency! (1, Funny)

bicho (144895) | more than 9 years ago | (#11829933)

Uh... I am not sure how this should be moded...

Re:Emergency! (2, Informative)

LiquidCoooled (634315) | more than 9 years ago | (#11829791)

Firefox is already fixed....

The others won't be long.

from the article:
If you have downloaded the Firefox 1.0.1 update, you have nothing to worry about. The Mozilla 1.7.6 and Thunderbird 1.0.1 released should be out this week as well.

gentlemen, start your engines (0, Funny)

Anonymous Coward | more than 9 years ago | (#11829744)

Anyone taking bets how long these will take to fix? 2 weeks?

it's already fixed. (1, Informative)

Run4yourlives (716310) | more than 9 years ago | (#11829781)

RTFA

And yet... (5, Funny)

tannmann (819117) | more than 9 years ago | (#11829746)

I still feel safer than when I use IE.

eek! (0)

Anonymous Coward | more than 9 years ago | (#11829749)

Funded by the terroriists Securinitaara is!

The downside of popularity (5, Insightful)

confusion (14388) | more than 9 years ago | (#11829750)

Most all software has serious bugs, and the up-tick in firefox bug was as predictable as the sun rising. The real key is going to be in how the bugs are dealt with.

Jerry
http://www.syslog.org/ [syslog.org]

Re:The downside of popularity (0)

Anonymous Coward | more than 9 years ago | (#11829826)

oh [secunia.com] really? [secunia.com]

And that's a whole OS with an enterprise level database used by the largest institutions on earth.

Re:The downside of popularity (0)

Anonymous Coward | more than 9 years ago | (#11829882)

What part of 'popular' don't you understand?

Re:The downside of popularity (1, Funny)

doku_hebi_ryu (864351) | more than 9 years ago | (#11829885)

Most all software has serious bugs, and the up-tick in firefox bug was as predictable as the sun rising. The real key is going to be in how the bugs are dealt with.

What a great attitude. I've got to try that one on my boss sometime.

"Hey man, chill out. I'm like Firefox with all these bugs, and you know, everybody likes Firefox. I actually wrote those intentionally so people would love my software! Vat a Kantry!"

Doku

Re:The downside of popularity (-1, Troll)

Anonymous Coward | more than 9 years ago | (#11829975)

Stupid faggot.

The most important part of TFA (5, Insightful)

Zocalo (252965) | more than 9 years ago | (#11829753)

"If you have downloaded the Firefox 1.0.1 update, you have nothing to worry about."

Why this wasn't in the write up is beyond^W entirely to be expected given the recent track record of Slashdot editors... :P

It's obvious (2, Insightful)

SlashThat (859697) | more than 9 years ago | (#11829818)

They want it to look more like "news".

Re:The most important part of TFA (0)

Anonymous Coward | more than 9 years ago | (#11829866)

the slashdot editors only do enough work to keep slashdot popular, and to get their pay checks

Re:The most important part of TFA (2, Informative)

monophaze (208297) | more than 9 years ago | (#11829912)

Secunia collectively rated the vulnerabilities as "Moderately Critical," and said that only Firefox has been fixed. Users should download the newest edition, Firefox 1.0.1, which was released last week.

The vulnerabilities have been corrected in Mozilla, but the patched edition, 1.7.6, has not yet been officially released. The same goes for Thunderbird, the Mozilla Foundation's free e-mail client, which is also susceptible to the bugs. Both Mozilla 1.7.6 and Thunderbird 1.0.1 should roll out this week, Mozilla has said.


8 More Bugs Found In Firefox And Mozilla [techweb.com]

And there's already a fix? (0, Redundant)

b00m3rang (682108) | more than 9 years ago | (#11829754)

I'll take it.

Re:And there's already a fix? (0)

Anonymous Coward | more than 9 years ago | (#11829812)

I love that, theres already a fix??? Some of these vulnerabilites were found in excess of 6 months ago.

I frequently talk up (0, Troll)

Clockwurk (577966) | more than 9 years ago | (#11829763)

the advantages of firefox to all my co-workers and to family memebers. I usually mention security (along with the great extensions), and tabbed browsing. With more and more vulnerabilities being found, I might need to start recommending other solutions like AvantBrowser or Opera.

Re:I frequently talk up (-1)

Anonymous Coward | more than 9 years ago | (#11829774)

Firefox is teh Shiznit

Re:I frequently talk up (5, Insightful)

jrcamp (150032) | more than 9 years ago | (#11829819)

Yeah except Avant still uses Internet Explorer as its backend. All of these fixes for Firefox are for potential exploits, not something that's in the wild. It's a lot better track record than Microsoft has by far. Plus nobody's going to pay for Opera and they certainly won't put up with having ads in their browser.

Re:I frequently talk up (0)

Anonymous Coward | more than 9 years ago | (#11829868)

A potential exploit IS an exploit. To treat them otherwise is plain stupidity.

Re:I frequently talk up (0)

Anonymous Coward | more than 9 years ago | (#11829915)

Exactly, by the time the advisory is given, a fix is not only already available but the hole is, so far, only theoretically exploitable. This is a far cry from what we're used to with Microsoft where the advisories are delayed and 'sploits are found in the wild.

Re:I frequently talk up (1)

gl4ss (559668) | more than 9 years ago | (#11829871)

well.

whatever you recommend them to use, anything that fondles with data that's downloaded from random sites should be updated frequently.

i'm not entirely sure, but doesn't firefox's default start page mention if there's a new version available?

Re:I frequently talk up (5, Insightful)

merdaccia (695940) | more than 9 years ago | (#11829937)

I disagree, though I wouldn't call your post a troll. But since I can't post and untroll you, I'll post and hope someone else might ...

You shouldn't change your tune when security holes are discovered. Security holes exist in any application. Some are discovered, and some aren't. Your defense against security holes is two fold. The first part is that you want security holes to be discovered. The second part is that you want them fixed. The FOSS ideology helps with discovering them. And Mozilla's diligence helps with fixing them ... in fact, these holes have already been fixed.

Compare this with not being able to discover security holes and not being able to fix them, and you start to see why FOSS is good and why Firefox is brilliant.

THANK YOU SLASHDOT!!! (0)

Anonymous Coward | more than 9 years ago | (#11829770)

For some reason the front page of Slashdot fails to render correctly on Mozilla and Firefox for me. I AM NOW FREE FROM COMPULSIVELY READING IT!!!

Re:THANK YOU SLASHDOT!!! (0, Offtopic)

Neil Blender (555885) | more than 9 years ago | (#11829823)

For some reason the front page of Slashdot fails to render correctly on Mozilla and Firefox for me.

Someone is surely going to come along and say it's a bug in Firefox, the fix will be in 1.1, blah blah blah. Funny how Slashdot is the only site I have ever seen that renders so poorly as to make it unreadable at times under Firefox and Netscape 7+.

Re:THANK YOU SLASHDOT!!! (0)

Anonymous Coward | more than 9 years ago | (#11829886)

Should read: ... Funny how Slashdot is the only site I have ever seen.

Re:THANK YOU SLASHDOT!!! (2, Funny)

Nemo Black (651003) | more than 9 years ago | (#11829939)

I too have noticed that lately the /. front page has not been reloading correctly. I am in no way an expert with web page design, so correct me if I am wrong, but could it have something to do with style sheets?

I only have this problem is only with the /. front page and no other page that I frequent.

Re:THANK YOU SLASHDOT!!! (0)

Anonymous Coward | more than 9 years ago | (#11829953)

i noticed today that sometimes i would load up slashdot and only the top header and lefthand table would load and the main selection of articles would be blank, one click of the refresh button would fix it and the page loads good then...

Re:THANK YOU SLASHDOT!!! (1)

helix_r (134185) | more than 9 years ago | (#11829978)

...Funny how Slashdot is the only site I have ever seen that renders so poorly as to make it unreadable at times under Firefox ...

What?
I never had a problem with slashdot. What exactly makes it "unreadable"?

Re:THANK YOU SLASHDOT!!! (0)

Anonymous Coward | more than 9 years ago | (#11829902)

There's an extension to fix slashdot rendering in firefox ...

I'll save you by not mention the URL or the fact that it is called SlashFix.

Re:THANK YOU SLASHDOT!!! (0)

Anonymous Coward | more than 9 years ago | (#11829952)

That's not a fix, it's a work-around.

Why on earth doesn't firefox/mozilla correctly render slashdot. I don't really care who's fault it is, it's been months and months!

Internet Commerce On Its Way Out (0, Offtopic)

jIyajbe (662197) | more than 9 years ago | (#11829772)

Even spoof the SSL icon? This is giving me the willies.

Prediction: In 10 years, if there is no fundamental fix for these sorts of spoofs, or if the underlying model of the web is not changed, web-based commerce will be all but dead. Consumers won't trust any website with their credit card number, and with no money to be made on the web, the retailers will pull out too.

'Course, this might be a good thing...

Re:Internet Commerce On Its Way Out (4, Insightful)

GeorgeMcBay (106610) | more than 9 years ago | (#11829873)


Prediction: In 10 years, if there is no fundamental fix for these sorts of spoofs, or if the underlying model of the web is not changed, web-based commerce will be all but dead.


Are you on crack? People don't hesitate to hand their credit cards over to be carbon copied by pimply faced 17 year olds to make purchases at The Gap, why would they worry about SSL not being perfectly secure?

Re:Internet Commerce On Its Way Out (0, Offtopic)

GlassUser (190787) | more than 9 years ago | (#11829968)

Are you on crack? People don't hesitate to hand their credit cards over to be carbon copied by pimply faced 17 year olds to make purchases at The Gap, why would they worry about SSL not being perfectly secure?

Because the news tells them daily how scary this big new internet is. They "know" they're much safer with what they've been doing for years.

Security (1, Informative)

Scoria (264473) | more than 9 years ago | (#11829776)

I was actually expecting this. Firefox is an immature fork. One vulnerability eliminated is one less to be discovered later. It is inconvenient now, but should expedite relative maturity in the base. I am, however, still awaiting an automatic update for my installation of Firefox 1.0... ;-)

Re:Security (0)

Anonymous Coward | more than 9 years ago | (#11829830)

err . . . . Why are you still waiting the update occured like 2 months ago or something, this is old news.

The bugs have already been fixed (4, Informative)

Anonymous Coward | more than 9 years ago | (#11829778)

The bugs have already been dealt with. From TFA: "If you have downloaded the Firefox 1.0.1 update, you have nothing to worry about". In other words, Firefox has already fixed these security bugs and all Firefox user have to do is upgrade to 1.0.1 [mozilla.org]

Let the timer begin (1, Funny)

YoDave (184176) | more than 9 years ago | (#11829779)

I'd say let's start the clock and see how long this takes to get fixed but...

remember people (5, Funny)

Anonymous Coward | more than 9 years ago | (#11829789)

Your bank can and will ask you to confirm your password at random intervals via email.

If in doubt about who sent the email, click on the link they provide in the email to get to your bank's website to make sure it's them.

And remember, even banks sometimes forget to get their ssl certificates in order. No worries though, MS has been focusing on security for the last couple of years and IE is almost as solid as Firefox is....

Hah! (4, Funny)

Anonymous Coward | more than 9 years ago | (#11829796)

That's why I use Firef... uhhh what???

mod (%up (-1, Troll)

Anonymous Coward | more than 9 years ago | (#11829801)

long tejr8 survival

Firefox bugs (4, Insightful)

benspikey (658022) | more than 9 years ago | (#11829808)

Open source or Closed Source... makes no difference bugs and exploits will always exists. Claiming that firefox is the answer to all security problems is silly. Software by it very nature can be exploited for evil and no code is completely secure. Until people realize that the convience of software is bundled with the risk of exploits and that no matter how many patches or code rewrites exists problems will always exist. Makes me glad i'm in the software bussiness as I know my future is secure..

Re:Firefox bugs (1, Informative)

Anonymous Coward | more than 9 years ago | (#11829854)

It's already fixed, "ma'man".

Why Not Just Tell People to Update (0, Redundant)

r3v0ltn (535889) | more than 9 years ago | (#11829824)

Considering how many people don't RTFA, the post would be more useful if it mentioned the Firefox update.

So, how about Mozilla? (0, Redundant)

RealAlaskan (576404) | more than 9 years ago | (#11829833)

Do these also affect Mozilla 1.7.5? How about 1.8.x?

God forbid that I should RTFA; after all, this is slashdot.

Firefox ad hack! (1)

bryan8m (863211) | more than 9 years ago | (#11829887)

Everytime I load a page on Slashdot in Firefox it shows two prompts for passwords to these ad sites. Pretty annoying...

Re:Firefox ad hack! (3, Informative)

arootbeer (808234) | more than 9 years ago | (#11829976)

Hmmm...do you have a webserver on your box, and a no-ad hosts file?

I ran into that when I had IIS installed and a hosts file with many ad servers sent to 127.0.0.1.

I fixed it by turning off the Web Publishing Service.

Every day is insecure (4, Insightful)

rueger (210566) | more than 9 years ago | (#11829906)

Really, do we need a story every time some security problem appears in some software package? Surely anyone with half a brain understands that security relies on multiple protections.

Firewall, virus scanner, frequent updates to all software. Maybe a change in OS.

I really ignore all of these endless warnings any more and just trust that frequent updates and scans, and a reasonable amount of common sense and skepticism will protect me pretty much fully.

So is Billy counting bugs to go to sleep (1)

gelfling (6534) | more than 9 years ago | (#11829922)

You know the MS PR warmachine will make the most of this, don't you?

Microsoft Firefox... (1)

killtheOSSnazis (861780) | more than 9 years ago | (#11829936)

Microsoft Firefox is vulnerable.. what else is new?? wait a second... /confused

Why doesn't Firefox 1.0 update to 1.0.1? (2, Interesting)

Mustang Matt (133426) | more than 9 years ago | (#11829940)

Does anyone have an explanation as to why firefox's online update feature doesn't upgrade to 1.0.1?

Now, for all us non Firefox 1.0.1 users is (1)

Ice Station Zebra (18124) | more than 9 years ago | (#11829943)

this really /. or a clever spoof that will steal my credit-card numbers, drain my bank accounts and kill my grandma?

Arrrrrrrrrrrrrrrrgh......

Where's the update? (1, Redundant)

teslatug (543527) | more than 9 years ago | (#11829944)

What's the use of having an update feature if you never enable it or get it in a working state? I have never been able to update firefox through the built-in feature.

Great! (0)

Anonymous Coward | more than 9 years ago | (#11829967)

All publicity is good publicity. Now that we have exploitation parity we need to get those ActiveX controls running and screaming for better interoperability.

On the other hand, the jury's still out on the effectiveness of the raptor head. I mean even my lil's sister is seeing the writing on the wall and declaring the moz is dying. Maybe we need a new emblem like a leprechaun or something.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>