McAfee has issued a warning to all the users who use the Mozilla Firefox
browser - and others who share his software encryption. According to security
firm, a serious spoofing vulnerability signature in Mozilla NSS cryptographic
library can allow malicious people to create tools that can harm consumers with
relative ease.
In addition to the Firefox browser, Mozilla NSS library can also be found in
the Thunderbird, Seamonkey and even competitor in Google Chrome. Nicknamed
"berserk", the vulnerability allows attackers to falsify signatures and divert
authentication for sites that use SSL / TLS - which means that even websites
like "https" can be forged with the malicious drivers.
Despite the dangers of vulnerability, a package of updates for Firefox was
released shortly after the issuance of the alert and is responsible for
neutralization of problems. How Google also uses the encryption library in
question, it is recommended that users of Google Chrome and Chrome OS also
install the updates.
--
tor-talk mailing list - [email protected]
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
