internet apps/networking

07/12/2005, 5:45pm, EDT

Tuesday, July 12th

Firefox 1.05 update addresses security issues

Mozilla.org has released Firefox 1.05, which fixes several security vulnerabilities in the popular open-source browser. The update is recommended for all users: it brings improvements to stability as well as fixes a several security issues, including fixes for spoofing via XHTML/JavaScript, code execution through shared objects, execution of arbritrary code through browser by standalone applications, and more. [updated with correct security fixes]


Filed under: software

, , 1 comment, del.icio.us, slashdot, digg, buzz


1 comment
Reader Reactions (Please use <i></i> for italic text)

subscribe to comments
for this article




Expand All   Global Settings
resuna
Use Safari or Camino
0
07/14, 11:37am, EDT
The latest couple of Firefox releases have worried me... if they were using an "inherently safe" design, many of these holes wouldn't have been possible. I suspect that the way they've built the user interface using XML and Javascript is the problem, more than Gecko (the Mozilla/firefox rendering engine).

The KHTML engine that's the base of Webcore DOES seem to have an inherently safe design, and the way Dashboard works supports this assumption. So long as you disable "open safe files after downloading" Safari shouldn't be subject to the same kinds of failures as have been exposed in Firefox. If you want to use a Gecko-based browse, Camino doesn't use chrome (the XML-based UI framework) for its user interface and should be safer.

I'm still concerned about Apple's use of the same LaunchServices database for both web and local URI handling, and Apple's fix of using a dialog the first time LaunchServices is used for a new application is really inadequate, but the exposure from this is much less and in any case it's shared by all browsers I know of on either Mac or Windows.
Fresh-Faced Recruit
Joined Jan 2005
User is offline
Your Comments

In order to post comments: If you are a registered member, please login with your MacNN Forums username and password otherwise please uncheck the checkbox below.


Registered Member?
macnn forums login:

macnn forums password:

Not a member of the MacNN forums? Register now for free.

MacNN iPodNN Electronista
top searches
1. apple
2. iphone
3. apple TV
4. ipod
5. mac
6. BBC
7. icons
8. icon
9. macbook
10. leopard
search for more ..
RSS Feeds

Have the latest content delivered to your desktop via RSS. Use the links below to get access to a specific blog, news, or reviews feed.



  MacNN -all

  MacNN Reviews

  MacNN Podcasts

  iPodNN

  Electronista

  Left Lane News
Want To Sell Your Laptop? Any Condition - receive Top Cash. Get an instant quote. Free shipping www.CashForLaptops.com
Buy from The Apple Store, iTunes.com, Amazon.com, TechDepot, OfficeDepot, Computers4Sure, or donate.