diff options
Diffstat (limited to 'published/Webmonkey/Monkey_Bites/2007/07.16.07/Wed/firefox.txt')
| -rw-r--r-- | published/Webmonkey/Monkey_Bites/2007/07.16.07/Wed/firefox.txt | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/published/Webmonkey/Monkey_Bites/2007/07.16.07/Wed/firefox.txt b/published/Webmonkey/Monkey_Bites/2007/07.16.07/Wed/firefox.txt new file mode 100644 index 0000000..850a18e --- /dev/null +++ b/published/Webmonkey/Monkey_Bites/2007/07.16.07/Wed/firefox.txt @@ -0,0 +1,13 @@ +Mozilla has pushed out a new version of Firefox 2 that includes a patch for the high-profile vulnerability that allows attackers to use Internet Explorer to [trick Firefox into executing remote code][1]. + +There has been much debate over whether the vulnerability was Firefox's fault or IE's fault, but arguably both browsers were at fault since neither one escaped or sanitised the URLs being passed. + +Whatever the case, Firefox has patched things from its end. + +Several other security fixes are included in Firefox 2.0.0.5 -- the [release notes][2] have more information and specific fixes can be viewed [here][3]. + +Firefox 2.0.0.5 can be downloaded from the Firefox product page. + +[1]: http://www.mozillazine.org/talkback.html?article=22198 +[2]: http://www.mozilla.com/en-US/firefox/2.0.0.5/releasenotes/#whatsnew +[3]: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.5
\ No newline at end of file |