Filed under: Internet, Security, Mozilla, Browsers
Firefox 3 vulnerability, 8 million people affected!
If you were one of those 8 million people that downloaded Firefox 3 the other day be aware that Tipping Point DVLabs has announced a vulnerability in Mozilla's latest browser.Details are unknown but in order for this exploit to work, you'll have to visit a site with the malicious code and click the infected link. Zero Day rates the severity as "High" and it effects both version 2 and 3 of the popular internet browser. Mozilla has acknowledged the security issue and should have a patch issued in its 3.0.1 release shortly.
With the amount of beta testing that's been done on Firefox 3 it makes you wonder why something like this slipped by?
In the mean time, be careful of where you click and make sure Firefox is set to auto update.
With Halloween fast approaching, it's a great time to get in some practice defending your territory against zombies. In Graveyard Shift, you take aim at zombies and other creepy-crawlies, blasting them into splatters of cartoony green guts. It's a casual first-person shooter, and it's very easy to get the hang of - use the mouse to aim, click to fire. Graveyard Shift has at least 15 levels, and it might even have some secret stages I haven't unlocked yet.
They key to getting good at Graveyard Shift is learning to use ...
Reader Comments (Page 1 of 1)
james.skitt said 1:29PM on 6-20-2008
I think it slipped by because someone found it in beta testing but didn't release it until after the final version was released, just to make the headlines etc
Reply
karlynhuz said 1:41PM on 6-20-2008
this is kind of "why i love Opera so much!!!" :P
Reply
BigBossSNK said 1:40PM on 6-20-2008
"8 million people affected!"
So, by your account, you get affected by a vulnerability just by it existing. You know, without anything happening to your system.
Just be more careful in your phrasing next time, huh?
Reply
Brandon said 2:45PM on 6-20-2008
Exactly what I was thinking...
keeves said 3:04PM on 6-20-2008
If it affect versions 2 and 3 then a lot more than 8 million people are "affected", and also no matter how much beta testing version 3 had received, if it is present in the earlier version then there is no grantee it would be spotted, in exactly the same way it was missed previously.
cdavenport4 said 2:03PM on 6-20-2008
In my opinion, there's not a piece of code that not susceptible to hacking. I think the Mozilla team has done an excellent job.
Reply
Rocketboy said 8:53AM on 7-03-2008
Let me guess, you would not be so forgiving if "Micro$oft" did the same thing...
Tush said 2:40PM on 6-20-2008
There's always going to be exploits, you can never make it full-proof.
karlynhuz: agreed, I love Opera as well.
Reply
Horny said 2:52PM on 6-20-2008
Does this mean no RedTube until 3.0.1 realease ;)
Reply
Asa Dotzler said 3:24PM on 6-20-2008
The details of the flaw _have_not_been_released_ Is that really that difficult to understand? All software has flaws. All complex software has security flaws. Someone found a security flaw in Firefox 2 and Firefox 3 and they submitted that flaw to Mozilla in private so that users would not be harmed and Mozilla could fix it.
They also did a sort of press release announcing that they were cooperating with Mozilla on the flaw but they did not "release" the details of the flaw and so users are at minimal risk.
Reply
web design company said 4:34AM on 6-21-2008
uh oh... glad I've been a little too busy to DL it...
Reply
Doug said 11:29AM on 6-21-2008
Usually read engadget, but sometimes check out other blogs mentioned at the bottom. Such poor writing is so rare at engadget. Echoing other comments: Are people "affected!" when it's a private sharing of a security flaw? Since when does beta testing involve trying to hack the software?
This article reads like it was written by someone in high school; and with an even lower degree of awareness of software development than many in even that age bracket. Quite inappropriate to imply a (likely obscure) security flaw "slipped by" their beta testing process, when this is never the intent.
Reply
Joshua Issac said 2:39PM on 1-11-2009
Firefox, insecure as ever.
Reply