HardwareHeaven.com
Looking for the skin chooser?
 
 

  • Home

  • Reviews

  • Articles

  • News

  • Tools

  • GamingHeaven

  • Forums

  • Network
 

Go Back   HardwareHeaven.com > Forums > News > Other Tech News
Reload this Page

Mozilla has a shell exploit

Register FAQ Members List Social Groups Search Today's Posts Mark Forums Read


Other Tech News The latest community based technology news from across the globe. (If you aren't a community newsposter then use the "Submit News" section.)

Reply
 
Thread Tools
Old Jul 9, 2004, 03:54 PM   #1
DriverHeaven Founder
 
Join Date: May 2002
Posts: 32,480
Rep Power: 177
Zardon has a reputation beyond refuteZardon has a reputation beyond refuteZardon has a reputation beyond refuteZardon has a reputation beyond refuteZardon has a reputation beyond refuteZardon has a reputation beyond refuteZardon has a reputation beyond refuteZardon has a reputation beyond refuteZardon has a reputation beyond refuteZardon has a reputation beyond refuteZardon has a reputation beyond refute
Mozilla has a shell exploit
AS PUNTERS SWITCH from IE in droves to the Mozilla Foundation, peddlers of the rival browsers Mozilla, Firefox and Thunderbird have admitted that they have a security hole too.
Mozilla has seen record downloads after big names in the security industry recommended dumping IE at least until Vole released its service pack two for Windows XP or patches for its holy browser.

Now, according to Reuters, developers at the open-source Mozilla Foundation have confirmed its product also has a shell exploit and it has come up with a patch for it.

The flaw affected only Windows users, not computers running either Mac or Linux operating systems.

The problem is minor and requires a fair bit of effort and knowledge on the part of the attacker. Ultimately, all they can do is cause the computer to freeze. Mozilla has said that future versions of the Firefox web browser would have automatic update notifications that would make it easier to notify users about security fixes.

inquirer
Zardon is offline   Reply With Quote


Old Jul 9, 2004, 03:58 PM   #2
Apple Fanboy?
 
dj_stick's Avatar
 
Join Date: Jun 2003
Location: Basement of the first floor
Posts: 17,469
Rep Power: 188
dj_stick is godlike in his statusdj_stick is godlike in his statusdj_stick is godlike in his statusdj_stick is godlike in his statusdj_stick is godlike in his statusdj_stick is godlike in his statusdj_stick is godlike in his statusdj_stick is godlike in his statusdj_stick is godlike in his statusdj_stick is godlike in his statusdj_stick is godlike in his status
System Specs

hmm - well one exploit is better than the multitudes that IE has
__________________
Chris - The Aussie Super Mod
Hardwareheaven Rules - Sig Request Thread

How you can help HardwareHeaven by using Digg!

Hardwareheaven Super-Moderator

Quote:
Originally Posted by OmegaRED View Post
You know, there's "off topic" and then there's so freakin' off topic it you gotta wear a straitjacket to join the conversation.
dj_stick is offline   Reply With Quote
Old Jul 9, 2004, 04:01 PM   #3
DriverHeaven Senior Member
 
Join Date: Jun 2003
Location: USA
Posts: 2,761
Rep Power: 0
Warpy is on a distinguished road

Donator
Very true...
__________________

The nine most terrifying words in the English language are, "I'm from the government and I'm here to help."
Warpy is offline   Reply With Quote
Old Jul 9, 2004, 04:42 PM   #4
Xii
More than a number.
 
Join Date: Feb 2003
Location: Detroit, MI
Posts: 37
Rep Power: 0
Xii is on a distinguished road
It's actually a problem with Windows Explorer.
Quote:
The kicker is that this isn't even a problem with Mozilla; it's a problem with Windows Explorer. Windows XP Service Pack 1 was supposed to have closed this hole, but apparently it is still functioning and leaving Windows systems open to remote attack. So the Mozilla team worked to patch a hole that had little to do with their project.

Is this really a security hole? When Mozilla receives a shell: request, it passes it on to an external handler in Windows. The "fix" for this is to disable this functionality which, as far as I can tell, is totally unnecessary to begin with. External handlers -- programs outside Mozilla -- have no specific security model, so the only way to deal with them is to make individual exceptions like this one. Messy? Yes. But that's Windows.
Newsforge Story
Xii is offline   Reply With Quote
Old Jul 9, 2004, 08:40 PM   #5
HardwareHeaven Senior Member
 
caqde's Avatar
 
Join Date: Oct 2002
Location: US, IL
Posts: 502
Rep Power: 64
caqde is just super!caqde is just super!caqde is just super!caqde is just super!caqde is just super!caqde is just super!
System Specs

Wow they can cause my computer to freeze. Much better than most IE flaws that allow them to install anything they want into my system I really hate spyware.
__________________
AMD Phenom II X4 925 AM3/ Giga-byte MA790XT-UD4P
XFX HD5770 1GB / 2x2GB of GSKILL DDR3 10666 8-8-8-23
Samsung SH-S182D DVD-RW drive / Sony Optiarc BD-5300S BD-RW drive
Western Digital WD1501FASS(Primary)/Western Digital 15EADS(Secondary)/Western Digital 7500AACS(Secondary)/Seagate Barracuda 7200.10 320gb(Secondary)/Western Digital 3200KS 16MB 7200rpm SATAII HD(Secondary)
Antec TP-550 / CoolerMaster CMStacker
Sound Blaster X-FI Titanium Fatal1ty Professional / Creative Inspire 6600 6.1 speakers
Samsugn T200HD 20" LCD Monitor / Logitech Internet 350 Black Keyboard
Logitech MX510 Mouse
caqde is online now   Reply With Quote
Reply

Bookmarks

« LeadTek 6800 vs. eVGA 6800 Ultra Extreme | AntiVir Personal Edition 6.26.00.01 »
Thread Tools