Language Selection

English French German Italian Portuguese Spanish

Firefox's flaws fixed in upgrade

Filed under
Software

The Mozilla Foundation, maker of the open source web browser Firefox, has released a security patch to plug two critical security flaws in the browser.

The flaws were found last week by net security experts. Danish firm, Secunia, called them "extremely critical".

Mozilla has now recommended people upgrade to the latest version, Firefox 1.0.4, which is a security update.

Firefox is Microsoft Internet Explorer's (IE) main rival. IE has dominated the browser market.

But many have switched to Firefox because, so far, it has had fewer security flaws than IE and is more customizable.

Although the vulnerabilities, reported on Saturday, had been identified no cases had been reported of them being exploited.

Secunia said they were "extremely critical" because they could have let cookie and history information be used to get access to personal information or access previously visited sites.

The first flaw reported fooled the browser into thinking software was being installed by a legitimate, or safe, website.

The second happened was related to the software installation trigger which was not able to properly check icon web addresses which contain JavaScript code.

Potentially, a hacker could have taken advantage of the security flaws to secretly launch malicious code or programs.

Full Story.

More in Tux Machines

What’s New with Xen Project Hypervisor 4.8?

I’m pleased to announce the release of the Xen Project Hypervisor 4.8. As always, we focused on improving code quality, security hardening as well as enabling new features. One area of interest and particular focus is new feature support for ARM servers. Over the last few months, we’ve seen a surge of patches from various ARM vendors that have collaborated on a wide range of updates from new drivers to architecture to security. Read more

Kali Alternative: BackBox Linux 4.7 Arrives With Updated Hacking Tools

BackBox Linux is an Ubuntu-based operating system that’s developed with a focus on penetration testing and security assessment. If you take a look at our list of top 10 ethical hacking distros, BackBox ranks in top 3. This alternative of Kali Linux operating system comes with a variety of ethical hacking tools and a complete desktop environment. The software repositories of the hacking tools included in BackBox Linux too are frequently updated. Earlier this year in May, we witnessed the release of BackBox Linux 4.6 that was based on kernel 4.2 and Ubuntu 15.10. Read more

Linux Distributions vs. BSDs With netperf & iperf3 Network Performance

With now having netperf in the Phoronix Test Suite as well as iperf3 for the latest open-source benchmarks in our automated cross-platform benchmarking framework, I couldn't help but to run some networking benchmarks on a system when trying out a few different Linux distributions and BSDs to see how the performance compares. The operating systems ran with these networking benchmarks included Debian 8.6, Ubuntu 16.10, Clear Linux 12020, CentOS 7, and Fedora 25. The BSDs tested for this comparison were FreeBSD 11.0 and DragonFlyBSD 4.6.1. Read more

City of Rome: all new software should be open source

The city of Rome, the fourth-largest city in the European Union, will increase its use of free and open source software, it decided in October. All new software solutions should be based on open source, and the city is to consider replacing existing proprietary solutions by open source alternatives. Read more