Articles Tagged with "Firefox"
From the Web
Helping users keep plugins updated
September 04, 2009 from: Mozilla Security Blog
Starting with the upcoming releases of Firefox 3.5.3 and Firefox 3.0.14, Mozilla will warn users if their version of the popular Adobe Flash Player plugin is out of date. Old versions of plugins can cause crashes and other stability problems, and can also be a significant security risk.
Comments (0)
From the Web
Why some Firefox users choose not to update
August 25, 2009 from: Mozilla Security Blog
The best way for users to stay safe online is to use an updated browser. While most Firefox users get updated quickly, some fall behind for various reasons. We’re looking for ways to increase uptake while still preserving user choice.
Comments (0)
From the Web
URL bar spoofing vulnerability
July 28, 2009 from: Mozilla Security Blog
Firefox - The URL in the address bar can be spoofed when a new window or tab is opened by a malicious web page.
Comments (0)
From the Web
Locking up the valuables: Opt-in security with ForceTLS
July 28, 2009 from: Mozilla Security Blog
Computers are increasingly mobile and, to serve them, more and more public spaces (cafes, airports, libraries, etc.) offer their customers WiFi access. When a web browser on such a network requests a resource, it is implicitly trusting the hotspot not to interfere with the communication. A malicious computer hooked up to the network could alter the traffic, however, and this can have some un...
Comments (1)
From the Web
Firefox crash not exploitable (CVE-2009-2479)
July 19, 2009 from: Mozilla Security Blog
In the last few days, there have been several reports (including one via SANS) of a bug in Firefox related to handling of certain very long Unicode strings. While these strings can result in crashes of some versions of Firefox, the reports by press and various security agencies have incorrectly indicated that this is an exploitable bug. Our analysis indicates that it is not, and we have seen no ex...
Comments (1)
From the Web
Measure What Matters – The SEC Essentials
July 14, 2009 from: Mozilla Security Blog
People want to know that they are safe when they browse the web. There are important differences between browsers when it comes to security, and so it’s no surprise to see a growing number of groups out there attempting to compare browsers based on their security record. That’s great news; not only does it help inform users, but it also lets browser authors know where they stand, and w...
Comments (0)
From the Web
Critical JavaScript vulnerability in Firefox 3.5
July 14, 2009 from: Mozilla Security Blog
A bug discovered last week in Firefox 3.5’s Just-in-time (JIT) JavaScript compiler was disclosed publicly yesterday. It is a critical vulnerability that can be used to execute malicious code.
Comments (2)
From the Web
Measure What Matters - The SEC Essentials
July 10, 2009 from: Mozilla Security Blog
People want to know that they are safe when they browse the web. There are important differences between browsers when it comes to security, and so it’s no surprise to see a growing number of groups out there attempting to compare browsers based on their security record.
Comments (0)
From the Web
New CSS Grammar Fuzzer
July 10, 2009 from: Mozilla Security Blog
Fuzzers are a tool that we’ve found incredibly valuable in the past, and continue to employ heavily. A fuzzer’s job is to make your application fail by feeding it surprising inputs.
Comments (0)
From the Web
Shutting Down XSS with Content Security Policy
July 10, 2009 from: Mozilla Security Blog
For several years, Cross-Site Scripting (XSS) attacks have plagued many of the web’s most popular sites and victimized their users. At Mozilla, we’ve been working for the last year on a new technology called Content Security Policy.
Comments (0)
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox
- The Emperor Is Naked!
- Infographic: Keeping Web Applications Safe
- Do You Have a Vendor Security Check List? You Should!