----- Original Message ----- From: "Parker at Vip conduit" <[email protected]> To: "Accessible Devices" <[email protected]> Sent: Thursday, March 26, 2009 6:57 PM Subject: Accessible Devices Firefox Flaw To Be Repaired With High PrioritySecurity Release Next week
Online attack code has been released targeting a critical, unpatched flaw in the Firefox browser. The attack code, written by security researcher Guido Landi was on several security sites Wednesday, sending Firefox developers scrambling to patch the issue. Until the flaw is patched, this code could be modified by attackers and used to sneak unauthorized software onto a Firefox user's machine. Mozilla developers have already worked out a fix for the vulnerability. It's slated to ship in the upcoming of the browser, which developers are now characterizing as a "high-priority firedrill security update," thanks to the attack code. That update is expected sometime early next week. "We... consider this a critical issue," said Mozilla Director of Security Engineering Lucas Adamski in an email. The bug affects Firefox on all operating systems, including Mac OS and Linux, according to Mozilla developer By tricking a victim into viewing a maliciously coded XML file, an attacker could use this bug to install unauthorized software on a victim's system. This kind of Web-based malware, called a drive-by download, has become increasingly popular in recent years. While the public release of browser attack code doesn't happen all that often, security researchers don't seem to have much trouble finding bugs in browser software. Last week, two hackers at the CanSecWest security conference dug up four separate bugs in the Firefox, IE and Safari browsers. www.vipconduit.com and www.accessible-devices.com -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.accessible-devices.com/pipermail/a-d_accessible-devices.com/attachments/20090326/ef72beb5/attachment.html> This is an Announce only list. Subscribers are not able to post to this list. To unsubscribe from the Accessible Devices list copy the line below. Paste it in the To: line of a blank message and send it. [email protected] Please feel free to pass this message on to a friend who might like to subscribe. To subscribe to Accessible Devices send a blank e mail to: [email protected] Just follow the directions in the confirmation message when it comes. Please Note: Accessible Devices is not able to provide tech support for software or products that we supply information about. _______________________________________________ A-d mailing list [email protected] http://mail.accessible-devices.com/mailman/listinfo/a-d_accessible-devices.com To unsubscribe send a message to [email protected] with the subject unsubscribe. To change your subscription to digest mode or make any other changes, please visit the list home page at http://accessindia.org.in/mailman/listinfo/accessindia_accessindia.org.in
