ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Enterprise open source Toolkit

Mozilla users urged to upgrade

Tom Espiner ZDNet.co.uk

Published: 19 Apr 2006 15:35 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Users have been urged to upgrade to the latest versions of Mozilla's software to protect themselves from a series of critical security holes.

The US Computer Emergency Readiness Team (US-CERT) warned on Monday that earlier versions of Firefox, and other Mozilla software based on Firefox code, contain a clutch of vulnerabilities that expose users to attack.

The Mozilla Foundation released a new version of Firefox last week, version 1.5.0.2, which it said contained fixes for several security flaws.

According to security firm Secunia, there are a total of 21 flaws in the older versions of Firefox, such as Firefox 1.5, some of which it described as critical.

US-CERT advises people who use Mozilla's email software, Thunderbird, and the Internet application suite Seamonkey to also upgrade to the latest versions (Thunderbird 1.5 and Seamonkey 1.0.1). US-CERT warned that any other products based on older Mozilla components, particularly the Gecko rendering engine, may also be affected.

Firefox has traditionally been seen as being more secure than other Web browsers such as Microsoft's Internet Explorer. This is thought to be the first time that multiple vulnerabilities have been reported in Firefox and the Mozilla suite.

Secunia warned that hackers could exploit the security holes to gain control of computer systems, conduct phishing attacks, and bypass security restrictions.

One error that occurs in Firefox would allow arbitrary JavaScript code to be injected into Web pages as they load.

The vulnerabilities were discovered by Mozilla researchers, including Bernd Mielke, Alden D'Souza and Martijn Wargers, as well as by 3Com researchers working on the TippingPoint Zero Day Initiative.

This initiative encourages "responsible disclosure of vulnerabilities" to vendors, to give them time to put out patches before holes are disclosed to the public. TippingPoint started to disclose the holes to Mozilla from December last year.

  • Email
  • Trackback
  • Clip Link
  • Print friendly Print with HP

Did you find this article useful?
111 out of 248 people found this useful


Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Enterprise open source



Company/Topic Alerts

Create a new alert from the list below:




Related Jobs

.NET Architect Contract - Stoke-on-Trent

NET Platform knowledge - Web architecture experience - Security procedures experience with large scale Websites and their vulnerabilities Please ...

Esupport Analyst - Contract - Tier 1 Inv Banking

Exposure to financial markets, understanding time urgency Strong customer service skills Tech Microsoft office suite Internet Browsers IE and Firefox ...

Esupport Analyst - Contract - Tier 1 Inv Banking

Microsoft Office support experience - Internet browser support experience eg Firefox / IE - Bloomberg experience - Ideally knowledge of supporting ...

Featured Talkback

Its the applications and device drivers that run on windows that cement its dominance. How many people would fork out hundreds of pounds for Vista if Linux ran all the software and kit they wanted to use.

By: pround

Read full story:
Windows' dominance stifles demand for Linux

Discussions

John Molloy John Molloy

Bit Odd to be honest

Friday 16 May 2008, 5:44 PM

2 comments
1000221148 1000221148

IT Anthems - should we revive them?

Friday 16 May 2008, 4:51 PM

3 comments
Macbrewer Macbrewer

Not really a security problem

Friday 16 May 2008, 4:17 PM

2 comments
harpless harpless

interesting..

Friday 16 May 2008, 4:06 PM

3 comments

View All