Mozilla Plans Fix For Critical Firefox Vulnerability In Next Release 140
Trailrunner7 writes "A month after an advisory was published detailing a new vulnerability in Firefox, Mozilla said it has received exploit code for the flaw and is planning to patch the weakness on March 30 in the next release of Firefox. Mozilla officials said Thursday that the vulnerability, which was disclosed February 18 by Secunia, is a critical flaw that could result in remote code execution on a vulnerable machine. The vulnerability is in version 3.6 of Firefox."
Re:1.5 months for a response and release?! (Score:0, Interesting)
Why don't you fix it?
Re:Further details available in Customer Area (Score:1, Interesting)
Regardless of your stance on full disclosure, disclosure in return for payment seems to be little more than extortion. I'm going to blame this one on secunia.
Re:So this just shows, that you can't relax. (Score:3, Interesting)
I use Kubuntu Linux on my other computer, which is my main home computer. That is the computer which I am using at the moment. I also use Firefox on it, but there is not a Linux version of SandboxIE. Perhaps, I should use the Konqueror browser instead, until the final release of the patched version of Firefox becomes available. The Konqueror browser is already installed on this computer.
In the Linux version of Firefox, I also use the NoScript and Adblock Plus extensions. Of course, when using the Linux computer, I am normally logged in under under my user name, with the limited privileges which go with it. Like most Linux users, I do not run as root all the time. When I temporarily need more privileges I use sudo.
I am not a computer expert. I am just someone who uses both Linux and also Windows XP on my two computers at home.
http://esecurityplanet.com/features/article.php/3842331/Sandboxie-Blocking-Web-Based-Malware-From-Your-PC.htm