Language Selection

English French German Italian Portuguese Spanish

Firefox's flaws fixed in upgrade

Filed under
Software

The Mozilla Foundation, maker of the open source web browser Firefox, has released a security patch to plug two critical security flaws in the browser.

The flaws were found last week by net security experts. Danish firm, Secunia, called them "extremely critical".

Mozilla has now recommended people upgrade to the latest version, Firefox 1.0.4, which is a security update.

Firefox is Microsoft Internet Explorer's (IE) main rival. IE has dominated the browser market.

But many have switched to Firefox because, so far, it has had fewer security flaws than IE and is more customizable.

Although the vulnerabilities, reported on Saturday, had been identified no cases had been reported of them being exploited.

Secunia said they were "extremely critical" because they could have let cookie and history information be used to get access to personal information or access previously visited sites.

The first flaw reported fooled the browser into thinking software was being installed by a legitimate, or safe, website.

The second happened was related to the software installation trigger which was not able to properly check icon web addresses which contain JavaScript code.

Potentially, a hacker could have taken advantage of the security flaws to secretly launch malicious code or programs.

Full Story.

More in Tux Machines

The top 10 rookie open source projects

Open source has become the industry's engine of innovation. This year, for example, growth in projects related to Docker containerization trumped every other rookie area -- and not coincidentally reflected the most exciting area of enterprise technology overall. At the very least, the projects described here provide a window on what the global open source developer community is thinking, which is fast becoming a good indicator of where we're headed. Read more

First thoughts on KaOS 2014.12

The latest snapshot of this rolling release distribution includes initial support for UEFI, the KDE 4.14 desktop, systemd version 218 and the Qupzilla web browser. I mention Qupzilla because I feel it is a rare gem in the open source world, a quick capable browser that perhaps does not get the attention it deserves. KaOS is available in just one edition, a 64-bit x86 build. The ISO we download for KaOS is 1.6GB in size. Read more

6 big changes coming to Fedora 22

Hold on to your (red) hats. Fedora 22, the next iteration of the "move fast and break things" version of Linux sponsored by Red Hat, is set to arrive on May 19. After the multiple editions introduced in the previous Fedora, what's in store this time? The answer lies with the proposals received by the Fedora Engineering and Steering Committee (FESCo), whose deadline for proposed changes passed last week. Here are some of the more notable and head-turning proposals for Fedora 22 that seem most likely to make it to the final product. Read more

Sorry, Windows 10 Fans, but This Is What Icons Should Look Like

The icon theme of an operating system has more importance than people might imagine. Microsoft has updated the icons for the latest Windows 10 preview and they actually look terrible and they lack consistency. We listed a few Linux ones for a better comparison. Read more