Yup, you read it right.. a cross-site scripting exploit for firefox 1.x has been released today.. Obviously remote exploitable which can give the attacker system access. I guess it was just a matter of time, let's hope the folks at Mozilla will release a patch RSN.
Until then, you can use the following work-around:
1. Disable JavaScript (always a good thing)
2. Disable the "software installation" function
Read the full report here.
Update: Firefox-1.0.4 has been released, in which the above mentioned exploit has been fixed.
1 comment:
Greetings from North Cack-A-Lacky! I enjoyed your thoughts, although I give Firefox even a little more credit than you do, I think ;) See what I mean here: internet explorer error
Post a Comment