Firefox lances IE bug
PrintPass the parcel bug binned
Posted in Software & Security, 18th July 2007 11:05 GMT
Free whitepaper – What Exchange can't do - and Dell can
Mozilla has pushed out a new version of Firefox that fixes a number of security bugs, including a high-profile bug involving launching Firefox from Internet Explorer.
Firefox version 2.0.0.5 also fixes a number of memory corruption and privilege escalation flaws, as explained in Mozilla's release notes here.
The release - available in Mac, Windows and Linux flavours - will be automatically pushed out to users within the next two days. Users still running running Firefox 1.5.0.x, which is no longer supported, are urged to upgrade to the Firefox 2 series.
In other security bug-related news, independent security researcher Michal Zalewski has unearthed a vulnerability in Internet Explorer, which might be exploited by a malicious website to spoof the address bar. The unpatched bug allows con-men to create more convincing phishing and revolves around flaws in the way IE7 implements the "document.open()" method of opening new browser windows.
An even more severe client-side risk comes from a pair of unpatched flaws in the Trillian multi-protocol IM client. Users are urged to disable the "aim://" URI handler in Trillian as a workaround, pending the delivery of security updates. ®
Free whitepaper – Managing desktop software for fun and profit
The Register Agile Data Center Summit
What Exchange can't do - and Dell can
New storage architectures make SSDs more cost-effective
Dell PowerEdge R710 solution with VMware ESX vs. Dell PowerEdge 2850 solution
Sign up, sign up for The Register IT security newsletter
Microsoft's Windows 7 price gamble - and why it's flawed
Managing Desktop Software for fun and profit
Intel's flash new SSDs hit by bugs