Language Selection

English French German Italian Portuguese Spanish

Firefox's flaws fixed in upgrade

Filed under
Software

The Mozilla Foundation, maker of the open source web browser Firefox, has released a security patch to plug two critical security flaws in the browser.

The flaws were found last week by net security experts. Danish firm, Secunia, called them "extremely critical".

Mozilla has now recommended people upgrade to the latest version, Firefox 1.0.4, which is a security update.

Firefox is Microsoft Internet Explorer's (IE) main rival. IE has dominated the browser market.

But many have switched to Firefox because, so far, it has had fewer security flaws than IE and is more customizable.

Although the vulnerabilities, reported on Saturday, had been identified no cases had been reported of them being exploited.

Secunia said they were "extremely critical" because they could have let cookie and history information be used to get access to personal information or access previously visited sites.

The first flaw reported fooled the browser into thinking software was being installed by a legitimate, or safe, website.

The second happened was related to the software installation trigger which was not able to properly check icon web addresses which contain JavaScript code.

Potentially, a hacker could have taken advantage of the security flaws to secretly launch malicious code or programs.

Full Story.

More in Tux Machines

Ruby 2.2.0 Released

We are pleased to announce the release of Ruby 2.2.0. Ruby 2.2 includes many new features and improvements for the increasingly diverse and expanding demands for Ruby. Read more

2014 Catalyst Linux Graphics Benchmarks Year-In-Review

With the year quickly coming to an end, it's time to do our year-end driver recap benchmarks from the year for the proprietary AMD and NVIDIA graphics drivers as well as the open-source drivers. To get things started, here's benchmarks done of the official AMD Catalyst Linux releases of 2014 and testing these drivers on three different graphics cards. Read more

From Red Hat's CEO: Reflecting on a 'great year,' looking to '15

It is confirmed: 2014 has been a great year for Red Hat. [On Dec. 18], we announced third quarter results of our fiscal year 2015 and, with that, celebrated our 51st consecutive quarter of revenue growth - more than 12 years of consecutive revenue growth. Thank you to the team of Red Hat customers, partners, open source contributors, and associates around the world, for helping us propel Red Hat to new heights. While 2014 has been a fantastic year for Red Hat, it has also been a banner year for open source. Read more Also: Red Hat Tech Exchange highlights: Architect, Implement, Enable

Open Source's 2014: MS 'cancer' embrace, NASDAQ listings, and a quiet dog

Ho hum. Another year, another slew of open source announcements that prove the once-maligned development methodology is now so mainstream as to be tedious. Running most of the world’s most powerful supercomputers? Been there, done that. Giving retailers the ability to deliver highly customized paper coupons to consumers based on warehouse inventory nearby? So 2013! And yet in 2014 we had a few events in open source that managed to surprise us, and suggest an even brighter future. Read more