How To Stop Firefox Clickjacking Exploit Attack

Filed under
Security

Really scary exploit attack in wild, which affects all browsers under any desktop operating systems including MS IE, Linux, Apple safari, Opera, Firefox and Adobe flash. Any website that uses CSS, flash and IFRAME (used to serve ads) can be used to attack on end users. Attacker is able to take control of the links that your browser visits. From the article:

In a nutshell, it’s when you visit a malicious website and the attacker is able to take control of the links that your browser visits. The problem affects all of the different browsers except something like lynx. The issue has nothing to do with JavaScript so turning JavaScript off in your browser will not help you. It’s a fundamental flaw with the way your browser works and cannot be fixed with a simple patch. With this exploit, once you’re on the malicious web page, the bad guy can make you click on any link, any button, or anything on the page without you even seeing it happening.

According to victims on several Web forums, the attack is coming from Adobe Flash-based advertising on legitimate sites — including Newsweek, Digg and MSNBC.com.

How do I stop Clickjacking under Firefox?