Firefox dirty dozen: Mozilla patches 'critical' browser flaws

Mozilla has released Firefox 3.6.11 with patches for a dozen security holes, some serious enough to launch attacks if a user simply surfs to a booby-trapped website.

In all, the open-source released nine bulletins documenting 12 security vulnerabilities. Five of the bulletins are rated “critical,” meaning that those vulnerabilities can be exploited to run attacker code and install software, requiring no user interaction beyond normal browsing.

Here’s the raw information on the critical updates:

MFSA 2010-71 Unsafe library loading vulnerabilities:

Mozilla developer Ehsan Akhgari reported that a function used to load external libraries on Windows platforms was using a relative path to a DLL-loading application and was thus vulnerable to binary planting if an attacker was able to place an executable of the same name in the current working directory or any of the other locations that Windows searches for executables.

Continue reading

Comments

Post a Comment

Popular posts from this blog

KEPONG Gangster甲洞

Image
“ KEPONG ”, a famous local Chinese gang/gangster neighbourhood, is a story about five young men whom are best friends that join a gangster and then faces the reality of gangster life with financial problem, drugs, power and so on, ending up breaking their friendship and bad consequences. From the left: Rayz, Melvin, Hero, Henley & Billy. Although the theme of the film mainly focus on the story of the gangster, however, it still indirectly convey a positive message to the teenage, to highlight to them not to involve in any such activities which might ruin their bright future. The Kepong movie introduce: Director: Teng Bee Casts: Melvin Sia, Henley Hii, Hero Tai and Aunty Lai Meng Genre: Gangsterism, Teenager Release date: 13 September 2012
Read more

SNSD’s album was postponed to June 29.

Image
Need to wait for 4 more days Because of the album cover SM Entertainment have postponed its release to the 29th of June. SNSN's album release date will postponed from 25th to 29th. Also MP3 release date was changed. Only Tell Me Your Wish (Genie) will be released on 25th and the other song are going to be released on 29th at various online stores. SM Entertainment said “We used military icons on album cover, however it was interpreted and understood in a way we didn’t expected. So we are planning to delete the part and put an icon of Korean supersonic jet T-50. (sound weird to me).
Read more

Singaporean arrested for FB attack on govt

Image
A Singaporean man who attacked the ruling party on Facebook and urge people to “burn” a cabinet minister has been arrested on charges of inciting violence, police said Wednesday. In a statement, police said they had arrested a “man in his late 20s” on Tuesday “in connection with investigations into offences related to incitement of violence”. The statement did not name the man or give details of the offence, but said that he was released on bail pending further investigation. Local media identified him as Abdul Malik Ghazali, 27, who posted a series of comments on the social networking site critical of how Singapore is hosting the inaugural Youth Olympic Games (YOG). The August 14-26 event, held for competitors aged from 14 to 18, has generated limited public interest, with many events blighted by empty seats and the host country’s athletes faring badly. Continue reading
Read more