Nine new Mozilla and Firefox security flaws

Mozilla flaws could allow attacks, data access
April 18, 2005
By Munir Kotadia, CNET News.com

 

New Exploits released for Mozilla and Firefox
Sunday, April 17, 2005
Posted by Mikko @ 19:15 GMT

 

I still have not downloaded it yet since my last box went down, do they have a new patched version up yet

 

Yes they do, Anthony.

http://www.mozilla.org/download.html

 

I just had a similar problem with www.openoffice.org and had to remove the old version and get the new beta 2.0, it is quite a nice program.

Thanks for the notice and the link

 

Full story: http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1080895,00.html

 

The difference is that the Firefox team fired off a fix immediatly.

MS has to spin it's wheels while they decide how bad the patch will affect the OS as IE is so closely intergrated. Just plain old bad planning on MS's part.

Bugs will always exists. The quality of the software and the software provider should be guaged by reation time IMO.

Firefox wins hands down there.

 

It is true - I checked when some of the serious bugs were entered to bugzilla:

http://www.mozilla.org/projects/security/known-vulnerabilities.html

In some cases Mozilla folks fix the problem within a day!

J.D.

 

I agree 100%. And considering that I don't have any of those aforementioned features turned on or utilized, it would not affect me anyway.

 

Nicely Said.

 

Firefox remains the way to go IMHO. The bug fixes seem to be very quick.

 

Suit yourself. It's nice to have choice. But I do find it funny that we first get the open source crowd trying to tell us that the software is invulnerable and then when bugs are announced we get the "yes but look how fast they were fixed" stuff. In this case, no matter how many people proclaim the "one day fix" myth, some of these bugs were common knowledge before the weekend (Thursday I believe) and the new versions were not available for downloads until Monday. That's a bit longer than 24 hours, wouldn't you say?

Have you noticed that many of the bug fixes announced by Microsoft are for bugs you didn't even know existed until the fixes were released?

All that said, this thread was about warning people to upgrade Firefox. One of the things that concerns me is that many people have been fed the myth that Firefox avoids the security issues seen in IE. Based on that belief. my son and a nephew recently converted. I don't think the open source community does themselves or their users any favors by making false claims -- if you are using Firefox, it is just as important for you as it is for IE users to keep up with updates. And I wish Mozilla/Firefox would get it's act together and develope some way of automatically notifying people of vulnerabilities and then issuing PATCHES instead of forcing a download of the entire new version.

 

1) Where did the "open source" community make such a statement please?

2) Um er, percentages please, not speculation based on how informed you think you may be please.

3) Again, if you look up the quotes, no one said it won't happen. And I stand by the fact open source responds faster. They can because they are not working in the fragile inner rings of the windows core like IE.

4) They probably do that because of the seeming inability of windows to do an upgrade of anything without it tripping over remants of the previous install it left behind. In other words, it's a damn smart move, you know you have new code.

Both have their place, but I hate IE because while MS postures this big facade that they hate spam, down the hall they delvelop IE so vendors in their graces can do exactly that, spam you. But worse, on your desktop.

The IE argument is lost there and cannot recover, that is bills intention and they will keep providing hooks for vendors to get around email and spam your desktop.

Don't let one known failed attempt at this make you think it won't happen, it will. Then you will be able to hate IE for what it is, not because you don't undersatnd open source methods that actually work.

 

I think you know full well that the myth of invulnerability has been widely propagated. You can't have missed the geelful headlines, initiated by the open source community and picked up and circulated even further by the popular press. This thread wasn't started to bash Firefox -- it was started to warn people of vulnerabilities because too many people are now convinced that if they use Firefox they don't need to worry any more.

 

Now that sounds more like you. Yes, the propganda wagon got out of control by wanna be zealots. However the purists are probably not speaking but know as well too of the inevitable.

 

What sparked the thread was a comment from my son, who recently returned from a trip to the UK where his cousin apparently told him he should use Firefox so he wouldn't get all those viruses and stuff.

We have a large extended family and I just know I'm going to be re-formatting a lot of hard drives in the next little while

 

My reason for switching to firefox was for features--in particular, I really like tabbed browsing. The fact that it isn't a microsoft product was a bonus.

I do agree that it is annoying that updates aren't simply patches but Firefox does notify you when new updates are available (little red arrow on the top right of the browser window)

 

Well, I'll be! I thought that little red arrow meant, "You're shafted now, bud"...

 

Fred Langa: FireFox Pros And Cons

 

More bourgeois bashing of good working class browser, FireFox. The flaws are propaganda launched by comrade bill. A revolt will happen one of these days. The proletariats will rise up, and squash the flaws that rule over us.