David Baxter PhD
Late Founder
Firefox hit by multiple drive-by download flaws
by Ryan Naraine
October 28th, 2009
Mozilla?s flagship Firefox browser is vulnerable to at least 11 ?critical? vulnerabilities that expose users to drive-by download attacks that require no user interaction beyond normal browsing.
The open-source group shipped Firefox 3.5.4 with patches for the vulnerabilities, which range from code execution risk to the theft of information in the browser?s form history.
One of the critical issues affect media libraries introduced in Firefox 3.5 when audio and video capabilities were added.
See full article for details of the security vulnerabilities
The Firefox 3.5.4 update will be distributed via the browser?s automatic update mechanism. It should be deployed within the next 24 to 48 hours. Alternatively, users can use the ?Check for Updates? tool to manually apply the update.
by Ryan Naraine
October 28th, 2009
Mozilla?s flagship Firefox browser is vulnerable to at least 11 ?critical? vulnerabilities that expose users to drive-by download attacks that require no user interaction beyond normal browsing.
The open-source group shipped Firefox 3.5.4 with patches for the vulnerabilities, which range from code execution risk to the theft of information in the browser?s form history.
One of the critical issues affect media libraries introduced in Firefox 3.5 when audio and video capabilities were added.
See full article for details of the security vulnerabilities
The Firefox 3.5.4 update will be distributed via the browser?s automatic update mechanism. It should be deployed within the next 24 to 48 hours. Alternatively, users can use the ?Check for Updates? tool to manually apply the update.
