Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Firefox Gets Vulnerable With JavaScript

The hackers, Mischa Spiegelmock and Andrew Wbeelsoi tried to explain at the 'ToorCon hacker' conference in San Diego that the Firefox flaw could make anyone a victim running the browser. The flaw is due to the Internet language JavaScript in browser's programming. An attacker could compromise such a computer and gain access over it by constructing a Web page that is written by a malicious JavaScript code. The duo in a presentation said that the flaw could make an impact on Firefox running on Windows, Apple's Mac OS X and Linux.

The hackers demonstrated the details of the flaw in a slide presentation, which showed the prime parts of the attack code essential to exploit Firefox and the PC running it. There are various JavaScript techniques, which when applied to the system can cause a 'stack overflow' error irrespective of the Operating System running on the PC.

The flaw discussed above pertains only to the Firefox's implementation of JavaScript, the scripting language widely used on the Web since a decade. Spiegelmock said the implementation is a total confusion and it is impossible to patch it.

Window Snyder, security chief of Mozilla said that the flaw could be a variation of an earlier attack and the present one appeared to be a real vulnerability. She further said that if the problem is related to the way the browser handles the JavaScript, then it is unlikely to have an early solution and it would take some time. She, therefore, advises Firefox users to turn off JavaScript for the time being till Mozilla has more information about the flaw.

Firefox was mainly brought to use as an alternative to Internet Explorer. Since IE always has a large user base, it has been the prime target for hackers. Also, it is easy to exploit and can be used to distribute worms and viruses. But with the growth in Firefox users, it too is becoming the hackers' target.

Related article: Firefox 2.0 Can’t Keep Pace with IE7

» SPAMfighter News - 10/9/2006

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page