Commentary: patched in 60 seconds

Friday, 9 July 2004, 11:21 AM EST

Today it was announced that a vulnerability in the Mozilla and Firefox Web browsers allows the execution of arbitrary code in Windows NT, 2000, and XP systems. It doesn't affect GNU/Linux, FreeBSD, Solaris or anything else -- just Windows. I'd imagine that Microsoft's head honchos will be mentioning this exploit whenever they want to attack open source software security for years to come. Ironically OSS advocates might use the same story to attack Microsoft's security record. Why? Because a patch was released before the vulnerability was widely reported.

The specific vulnerability in question affects the Mozilla suite (1.7.0 and earlier), Firefox browser (0.9.1 and earlier), and Thunderbird email client (0.7.1 and earlier). Here it is, barely a day since the bug was initally reported, and all these programs have updated versions available as well as a binary patch for those needing a quick fix (if you're currently using one of these programs in Windows, just click here to download the patch right now).

[ Read more ]




Spotlight

Windows 0-day exploited in ongoing attacks, temporary workarounds offered

Posted on 22 October 2014.  |  A new Windows zero-day vulnerability is being actively exploited in the wild and is primarily a risk to users on servers and workstations that open documents with embedded OLE objects.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Oct 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //