Wed, 15 Jul 2009 Firefox 3.5 vulnerable to critical Javascript attack
Firefox 3.0 users who haven't yet upgraded shouldn't be vulnerable to this flaw
A critical flaw in the way Firefox 3.5 handles Javascript opens the door to a serious attack, according to Secunia, which tracks security vulnerabilities.
Sample exploit code is already available online, so while there aren't yet any reports of active attacks against this new flaw, there soon could be. Such an assault would likely take the form of a poisoned Web page that uses behind-the-scenes attack code to trigger the flaw.
The Washington Post's Security Fix has posted a workaround to protect against the flaw while Mozilla prepares a patch. The temporary fix disables a new Javascript processing feature in Firefox 3.5, which Security Fix says will slow down Javascript handling but protect against this exploit.
See Brian Krebs' post for instructions.
Firefox 3.0 users who haven't yet upgraded shouldn't be vulnerable to this flaw, and won't find the setting that Krebs describes.
Check out our new Macworld Mobile site.
Follow Macworld UK on twitter: www.twitter.com/macworlduk
Contact Us
DiggEmail A Friend
Email this article to a friend or colleague:
PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.
Permalink This Article
This articles permalink is:
http://www.macworld.co.uk/digitallifestyle/news/index.cfm?RSS&NewsID=26598
<<prev article | back to news index | next article>>
Latest News
- Apple Tablet patent appears online
- Vodafone cost reductions delivered a year early
- RouteBuddy intros OS Region Maps for iPhone, iPod touch
- AMD, Intel settle antitrust, IP cases
- Data Robotics intros online Drobo store in Europe
- O2 celebrates 21 million mobile customers in the UK with latest results
- Orange sells 30,000 iPhones on first day of launch
- Microsoft rebukes exec for Mac inspiration comment
- Orbicule adds push notification to Undercover iPhone recovery app
- GPS Navigation comes to iPod touch with Navmii UK app
- Katherine Jenkins plays Apple Store, Regent Street, 24 November
- Klipsch intros iGroove SXT docking speaker system for iPod, iPhone
iPhone 3G S Video Review
Related News
- Getty launches call for artists through Flickr
- Bing to use Wolfram Alpha results
- Windows 7 inspired by Mac OS X admits Microsoft boss
- Apple announce live web seminar with Virtual Aviation
- Primera intros DP-PRO Xi-Series disc publishers
- Ex-Blue Peter presenter launches Linux based computer for 50+ market
- TalkTalk: EU law will save downloaders being banned from the web
- ABBYY FineReader Express Edition for Mac now Snow Leopard compatible
- FireEye moves quickly to quash Mega-D botnet
- Anorak Magazine intros Happy app for iPhone, iPod touch
Mac Broadband?
Search news
Search Google
Newsletter signup
It's easy and free to get the latest news headlines, reviews and opinions straight to your email inbox. Sign up NOW to make sure you receive the latest Mac news, reviews and tutorials on your favourite topics.
Register now
Stay on top of the latest, breaking Mac news and chat with other Mac professionals and enthusiasts about the issues that matter to you. Register with Macworld today to join our forums and receive our twice-weekly email newsletter, Macworld Mainline.
RSS
Have the latest content delivered to your desktop via RSS. Use the links below to get access to a specific blog, news, or reviews feed.
MACWORLD MARKETPLACE
 |
Computer & Laptop |
 |
Orbitsound |
 |
Circus Ponies NoteBook - the easy way to get organized on the Mac |
 |
50% off ebooks |
 |
World's most secure PIN protected portable hard drive |
 |
FREE 30-day trial. Announcing New FileMaker Pro 10. Sleek new look. Intuitive new design. |
 |
Beat the Credit Crunch - Lease your Mac from Hardsoft. |
 |
Latest Version of Final Cut Studio and Final Cut Server now available - Special Offer !! |
Click here for the latest reader comments