Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Mozilla repairs Firefox security flaws

Add to del.icio.us     Digg this story Digg this

September 8, 2010

Click here to order the best dedicated server and at a great price.

Late yesterday, Mozilla says it has released two new versions of its Internet browser, Firefox 3.6.9 and Firefox 3.5.12, to successfully repair up to ten critical security vulnerabilities in each browser and to help website operators block a security bug called clickjacking.

Firefox 3.6 also gets a new general approach to reduce on browsing risks: support for what's called the X-Frame-Options HTTP response header. Web site developers can use this technology to block browsers from showing their Web sites inside a frame--essentially a smaller window within the browser window.

Placing a legitimate site inside a frame on a malicious site is one approach for attacks called clickjacking, in which the malicious site can capture keystrokes such as usernames and passwords.

For the new versions of Firefox 3.5 and 3.6, nine of the ten critical vulnerabilities are exactly the same, but one problem on 3.5 is minor on 3.6, and one 3.6 problem didn't affect 3.5 either.

Additionally, several noncritical security vulnerabilities were fixed as well.

Overall, critical security vulnerabilities can allow a remote attacker to run malicious code on a PC or workstation. With today's complex Web browsers becoming more and more powerful, browser makers must constantly watch for new attack possibilities on their software.

Mozilla is also racing against the clock to release Firefox 4.0 before the end of the year. It released a 5th Firefox 4.0 beta yesterday, adding support for some hardware acceleration on Windows, among other neat features.

It also seems probable that Mozilla won't meet its Sep. 10 deadline for freezing the code base for the sixth beta--the last cutoff point for getting new features into Firefox 4. A week later, on Sep. 17, it will look more likely some say.

We don't want to put your hopes down, but not all the Firefox 4.0 features are coming to fruition, at least not now anyway. According to meeting notes published yesterday, another feature slipped off the roadmap: a Firefox developer tool called the 'Inspector' that would have made it easier to find details about security elements on specific Web pages of any given site.

Also updated yesterday were the stable and beta versions of Google's new Chrome 6 browser with the release of version 6.0.472.55. Wow.

This most recent security update also patches issues with autofill, which can enter data such as addresses and names into Web forms, the overwriting of the default search engine setting and also some issues with Chrome's language translation feature.

Add to del.icio.us     Digg this story Digg this

Source: Mozilla.

Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.


You can link to the Internet Security web site as much as you like.


| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer






Get your Linux or Windows dedicated server today.