For those we lost, We will not forget 09/11/2001 “Our God given unalienable rights are given to us all as individuals. They tell us what me may do for ourselves, and they are the embodiment of liberty. The so-called rights that government gives to some of us are parcelled out to select groups as classes. They tell us what one class of people may require another to do for them, and they are the very essence of slavery.”
— Perri Nelson, February 9, 2010

A bheil Gàidhlig agaibh?

Time to change your default browser

Published Tue, Jun 5 2007 9:11 AM
Technorati Tags: Computers and Internet, Annoyances

Maybe it's time to switch to Opera. There's a new version of Opera out that's supposed to be pretty secure. I just downloaded and installed it, after all I like to use multiple different browsers. I do it mainly to ensure my software is cross-browser compatible, but this news may be enough to make me switch.

We all know about the many problems with Microsoft's Internet Explorer, from their somewhat wonky standards support to the innumerable security flaws that have been found and patched. Now there's two new "zero-day" vulnerabilities in Internet Explorer, neither of which have been patched.

For Firefox fans that are so proud of Firefox's record as compared to Internet Explorer, don't think you're safe either. There are also two new zero-day vulnerabilities that have been discovered in Firefox.

The news appeared in Computerworld:

June 04, 2007 (Computerworld) -- A noted security researcher today disclosed four new zero-day vulnerabilities in Microsoft Corp. and Mozilla Corp.'s browsers, including a critical flaw in Internet Explorer (IE) and a "major" bug in Firefox.

...

The most serious of the four, said Zalewski, is an IE6 and IE7 flaw he rated "critical." Dubbing it a "bait-and-switch" vulnerability, he said that the Microsoft browser gives hackers a window of opportunity to run malicious JavaScript to hijack the PC.

... 

But Mozilla's browser also suffered at Zalewski's hands. A new IFrame vulnerability in Firefox 2.0 can let attackers plant keyloggers or drop malicious content into a legitimate Web site. The flaw, rated as "major," is related to a similar bug discovered last year; although Mozilla patched that problem, Zalewski said the fix hadn't plugged all the holes.

Zalewski posted information about two other bugs, both rated "medium." A Firefox vulnerability could lead to unauthorized downloads, while IE6 is open to yet another address bar-spoofing flaw. "IE7 is not affected because of certain high-level changes in the browser," Zalewski said of the fourth vulnerability.

Both Mozilla and Microsoft are looking into the issues, but no fixes are available for either browser... yet.

Trackback URI for this post: http://perrinelson.com/track.aspx?postid=778
Permalink URI for this post: http://perrinelson.com/2007/6/5/778.aspx

Subscribe to this entry's comment feed. (Atom)

Delicious Bookmark this on Delicious 

Comments to this entry are closed.

View Perri Nelson's profile on LinkedIn I'm a proud friend of Israel! Are you? Republican National Committee