Main Area and Open Discussion > General Software Discussion
Firefox users, here's a security flaw you'll need to fix
(1/1)
KynloStephen66515:
Another day, another security flaw -- this one affecting Mozilla's Web browser, Firefox. But this one is easy enough for you to fix.
On Thursday, Mozilla revealed a vulnerability in its browser that was discovered by a Firefox user. An ad on an unnamed news site in Russia was able to tap into the vulnerability to upload certain files from a user's computer to a server apparently based in the Ukraine. Exploiting Firefox's PDF Viewer and its use of the widespread JavaScript code, the hack seems to capture only "developer focused" files -- think FTP (file transfer protocol) -- at least in Windows. Your personal files and data aren't caught in the attack, but the hack is still alarming.
--- End quote ---
Source: http://www.cnet.com/uk/news/firefox-users-security-flaw-to-fix/
Nod5:
The targetting of developers is scary. I can imagine some attackers being able to do a worm-like cascade of attacks by stealing and then exploiting developer logins and get the malware on more sites. If a developers computer gets infected that means that any code on their computer could also be infected.
I had Firefox set to notify on updates (not autoinstall) on one computer and the update notification popup is really a bit too low key for serious cases like this. Maybe shift to big red flashing letters? :D
mrpeach:
Ah serendipity... I've always hated the built in PDF viewer, and have disabled it for quite a while. Nice to hear that I was protected against this without even being aware of it.
Navigation
[0] Message Index
Go to full version