Gizmo's Freeware Forum

Gizmo's Freeware Forum (https://www.techsupportalert.com/freeware-forum/)
-   Internet, Web Apps and Networking (https://www.techsupportalert.com/freeware-forum/internet-web-apps-and-networking/)
-   -   Another Critical Vulnerability in Firefox discovered (https://www.techsupportalert.com/freeware-forum/internet-web-apps-and-networking/1438-another-critical-vulnerability-in-firefox-discovered.html)

Anupam 19. Jul 2009 04:03 PM

Another Critical Vulnerability in Firefox discovered
 
It has been only days since release of Firefox 3.5.1, and yet another critical vulnerability has been discovered in Firefox.

To avoid this vulnerability, users are advised to turn off javascript. Users using NoScript add-on, are at lesser risk though, provided the sites in the whitelist are not compromised.

More about this can be read here... courtesy GHacks :
http://www.ghacks.net/2009/07/19/ano...ility-emerges/

This is really disheartening for Firefox users. Maybe Firefox 3.5 was released too soon? I really hope Firefox is not going the IE route.

MidnightCowboy 19. Jul 2009 04:19 PM

Quote:

Originally Posted by Anupam (Post 9513)
Maybe Firefox 3.5 was released too soon? I really hope Firefox is not going the IE route.

Maybe they should rename it Comodofox :D

At this rate IE looks a better bet!

Anupam 19. Jul 2009 04:30 PM

Quote:

Originally Posted by MidnightCowboy (Post 9516)
Maybe they should rename it Comodofox :D

Hilarious !!! :D.

I still wouldn't go with IE, there are better options out there, if sadly it comes down to leaving Firefox. I hope the patch for this is released soon.

Maybe Mozilla should be more careful releasing a major update next time... they released FF 3.5 too soon, in my opinion.

MidnightCowboy 19. Jul 2009 05:25 PM

Maybe if the guys at Lunascape would answer my emails (like they said they would) we might have another alternative to consider but as soon as I asked about security comparisons it all went quiet :mad:

Anupam 19. Jul 2009 05:29 PM

Maybe, its not as secure then. I often wonder on the security of browsers like K-Meleon, and the likes. That's why I don't wanna try them out. I certainly do not want to try browsers based on IE :D.

If Opera 10 comes out soon, maybe I will make a temporary switch. I do love Firefox though:mad:, and I wanna stick to it.

MidnightCowboy 19. Jul 2009 08:56 PM

I admit to a liking for Lunascape despite it's size and complexity. I can't see what their problem is as the Java/Script options etc. are all accessible from buttons in the status bar or wherever else you wanna put them. It's no good them trying to hide stuff which will become evident soon enough now the things available in English. It's certainly a real bonus knowing if certain sites only support a particular browser to be able to swap engines in mid stream.

Maybe it's just me they don't like:confused: Understandable really :D

Anupam 20. Jul 2009 11:05 AM

Bug not exploitable... Mozilla says
 
Mozilla is saying that the recent vulnerability discovered, is a bug, but its not exploitable.

To read more about what Mozilla has to say... here is the link posted by a user, on the main site. Thanks to him.

http://www.pcworld.com/article/16867...illa_says.html

Anupam 20. Jul 2009 11:16 AM

Here is the original post from Mozilla :
http://blog.mozilla.com/security/200...cve-2009-2479/

Pheww... so its definitely not exploitable. Am relieved :D.

Taurus 21. Jul 2009 06:50 PM

Quote:

Originally Posted by Anupam (Post 9531)
Maybe, its not as secure then. I often wonder on the security of browsers like K-Meleon, and the likes. That's why I don't wanna try them out. I certainly do not want to try browsers based on IE :D.

If Opera 10 comes out soon, maybe I will make a temporary switch. I do love Firefox though:mad:, and I wanna stick to it.


Agree with you completely Anupam.

jason 26. Jul 2009 06:04 AM

I don't mind if they find these vulnerabilities - but I will get concerned if they go the route of "another browser" and take 6-12 months to acknowledge and fix them.

So don't use the "number of bugs found" as a metric of how good a product is. Look at the number of unfixed bugs - and the average time taken to patch the bugs for users.

As long as the developers are responsive and any security holes are plugged quickly - they will have my vote.


All times are GMT +1. The time now is 08:46 PM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2020, vBulletin Solutions, Inc.