Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Firefox’s Flaws Patched, Thunderbird Remains Vulnerable

Mozilla Corp., which patched its Firefox browser's security flaws on March 4, 2009, described six of them as "critical", one as "high" and the last one as "low" in the company's four-stage ranking arrangement.

In a warning through its security statements/advisories, Mozilla said that the vulnerability, which is the most severe among the 6 flaws for the latest editions of Windows, Linux and Mac operating software, enables hackers to execute arbitrary code on a compromised system. The advisories were issued on March 4, 2009.

Moreover, the 8 'critical' security vulnerabilities impacts Firefox's garbage collection - that monitors the way Firefox applications utilize the memory of the computer- along with the browser's Portable Network Graphics (PNG) libraries. Mozilla stated that the PNG library bug could be triggered by any corrupt image such as one infected with a Trojan or malware on an Internet page. This leads to the execution of malicious codes.

Furthermore, other flaws that Mozilla patched could allow hackers to spoof URLs and to trick users to access a phishing site where their private information could be stolen.

Meanwhile, Mozilla Messaging Inc.'s e-mail client Thunderbird (like Microsoft's Outlook) remains un-patched in spite of the fact that above mentioned six flaws affecting it. Thus, Thunderbird continues to be susceptible to hackers' attacks.

Security specialists suggest that till an update for Thunderbird is ready, users could lessen the danger using PNG images by loading images only from reliable e-mails. They are also advised to avoid clicking on just any image they come across to prevent the execution of malicious code or download of malware. The remaining flaws could be also evaded with JavaScript turned off since JavaScript could also allow execution of arbitrary codes.

In the meantime, Firefox released its update after one day since Opera released the latest edition of its browser software, mainly to address the different security holes discovered. Thus, the week turned out to be busy in terms of securing of browsers. Firefox was quick to fix its flaws to avoid getting into competition with rival, Opera.

Related article: Firefox Gets Vulnerable With JavaScript

» SPAMfighter News - 3/21/2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page