Filed under: Internet, Security, Mozilla, Browsers
Firefox 3 vulnerability, 8 million people affected!
If you were one of those 8 million people that downloaded Firefox 3 the other day be aware that Tipping Point DVLabs has announced a vulnerability in Mozilla's latest browser.Details are unknown but in order for this exploit to work, you'll have to visit a site with the malicious code and click the infected link. Zero Day rates the severity as "High" and it effects both version 2 and 3 of the popular internet browser. Mozilla has acknowledged the security issue and should have a patch issued in its 3.0.1 release shortly.
With the amount of beta testing that's been done on Firefox 3 it makes you wonder why something like this slipped by?
In the mean time, be careful of where you click and make sure Firefox is set to auto update.
I don't know if this is a labor of love or merely the brainchild of four very gifted games designers, but Level Up is a really weird mash-up of gaming elements that you have probably never seen in a Flash game before.
Let's start with the premise itself: Groundhog Day meets Memento. The game experience revolves around 'days': you explore the world and the clock slowly ticks towards the evening. You bounce around picking up gems and talking to the denizens of 'Level Upland'. Eventually you feel tired and head back to ...
Reader Comments (Page 1 of 1)
james.skitt said 1:29PM on 6-20-2008
I think it slipped by because someone found it in beta testing but didn't release it until after the final version was released, just to make the headlines etc
Reply
karlynhuz said 1:41PM on 6-20-2008
this is kind of "why i love Opera so much!!!" :P
Reply
BigBossSNK said 1:40PM on 6-20-2008
"8 million people affected!"
So, by your account, you get affected by a vulnerability just by it existing. You know, without anything happening to your system.
Just be more careful in your phrasing next time, huh?
Reply
Brandon said 2:45PM on 6-20-2008
Exactly what I was thinking...
keeves said 3:04PM on 6-20-2008
If it affect versions 2 and 3 then a lot more than 8 million people are "affected", and also no matter how much beta testing version 3 had received, if it is present in the earlier version then there is no grantee it would be spotted, in exactly the same way it was missed previously.
cdavenport4 said 2:03PM on 6-20-2008
In my opinion, there's not a piece of code that not susceptible to hacking. I think the Mozilla team has done an excellent job.
Reply
Rocketboy said 8:53AM on 7-03-2008
Let me guess, you would not be so forgiving if "Micro$oft" did the same thing...
Tush said 2:40PM on 6-20-2008
There's always going to be exploits, you can never make it full-proof.
karlynhuz: agreed, I love Opera as well.
Reply
Horny said 2:52PM on 6-20-2008
Does this mean no RedTube until 3.0.1 realease ;)
Reply
Asa Dotzler said 3:24PM on 6-20-2008
The details of the flaw _have_not_been_released_ Is that really that difficult to understand? All software has flaws. All complex software has security flaws. Someone found a security flaw in Firefox 2 and Firefox 3 and they submitted that flaw to Mozilla in private so that users would not be harmed and Mozilla could fix it.
They also did a sort of press release announcing that they were cooperating with Mozilla on the flaw but they did not "release" the details of the flaw and so users are at minimal risk.
Reply
web design company said 4:34AM on 6-21-2008
uh oh... glad I've been a little too busy to DL it...
Reply
Doug said 11:29AM on 6-21-2008
Usually read engadget, but sometimes check out other blogs mentioned at the bottom. Such poor writing is so rare at engadget. Echoing other comments: Are people "affected!" when it's a private sharing of a security flaw? Since when does beta testing involve trying to hack the software?
This article reads like it was written by someone in high school; and with an even lower degree of awareness of software development than many in even that age bracket. Quite inappropriate to imply a (likely obscure) security flaw "slipped by" their beta testing process, when this is never the intent.
Reply
Joshua Issac said 2:39PM on 1-11-2009
Firefox, insecure as ever.
Reply