DISCLAIMER: Logging other people's keystrokes or breaking
into other people's computer without their permission can
be considered illegal by the courts of many countries.
The monitoring software reviewed here is ONLY for authorized
system administrators and/or owners of computers.
We assume no liability and are not responsible for any misuse
or damage caused by the keylogging software. The end user of
this software is obliged to obey all applicable local, state,
federal and other laws in his country of residence.
July 03, 2008
Mozilla patches 13 bugs in Firefox 2
After patching its older Firefox 2.0 yesterday to quash 13 bugs, Mozilla Corp. announced that it would end support for the browser in mid-December.
Mozilla last patched Firefox 2.0 in April.
Firefox 2.0.0.15 addresses 13 vulnerabilities, five of which the open-source company rated "critical," according to advisories posted on Mozilla's site Tuesday. Of the remaining bugs, four were labeled "high," two as "moderate," and two as "low."
Three of the five critical flaws could be exploited by attackers to execute malicious code, said Mozilla, while the last two, involving JavaScript and pegged by the developer as "crashes with evidence of memory corruption," might lead to code-execution exploits.
Interestingly, one of the critical vulnerabilities isn't within the browser per se, but crops up only when one or more add-ons, dubbed "extensions" by Mozilla, are also installed. "Firefox itself does not use this feature in a vulnerable way, and users who have not installed any add-ons are not at risk," read the advisory. "We have, however, identified popular add-ons using this feature whose users are at risk, and there are no doubt others."
Among the extensions called out by Firefox programmers in the writeup on Bugzilla, Mozilla's bug tracking and management system, was Google Inc.'s Google Toolbar.
All 13 vulnerabilities patched yesterday in Firefox 2.0.0.15 had been fixed before Mozilla rolled out the final version of its new browser on June 17, a company spokeswoman said today. "Some were fixed months ago by nature of [Firefox's] re-architecture, others were fixed before release of Firefox 3 final," the spokeswoman said in an e-mail.
Firefox 2.0.0.15 can be downloaded from the Mozilla site in versions for Windows, Mac OS X and Linux. Users running Firefox 2.0 can call up the browser's built-in updater or wait for the automatic update notification, which typically appears within 24 to 48 hours after Mozilla posts a new version.
Mozilla also noted on its Web site today that Firefox 2.0 would roll off its support list in the middle of December 2008, approximately six months after the release of Firefox 3.0.
"Firefox 2.0.0.x will be maintained with security and stability updates until mid-December 2008," the company said. "All users are encouraged to upgrade to Firefox 3."
Mozilla's standard policy is to support older software for only six months after the release of a major update. Last year, however, the company extended the support lifespan of Firefox 1.5 by about a month, saying it needed more time to craft one last security patch for the browser.
Source: ComputerWorld
All news for October, 2008
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year
DONATION: Keylogger.org is an independent research
project supported by a team of enthusiasts. If you find this
project useful or would like to help foster its continued
development please consider making a donation using PayPal`s
online secure payment service. A PayPal account is not required.
All major credit cards are accepted (MasterCard/Eurocard,
Visa/Delta/Electron, American Express, Switch/Maestro, Solo).
Simply click the button below.
Any amount would be useful and appreciated!
Thanks in advance for your support!
|
