Mozilla moves to fix security vulnerability

Users urged to download patch

The Mozilla Foundation has urged users of its open-source Mozilla Application Suite, Firefox browser and Thunderbird e-mail client to download a small patch to work around a security vulnerability discovered Thursday.

The patches download a configuration change which disables the use of the :shell external protocol handler for running external programs by clicking on a hyperlink.

The security handling of this command may enable attackers to run arbitrary programs on Windows systems, although there are no problems for Mozilla users running other operating systems such as MacOS, Linux and other Unix variants, Mozilla said in a statement on its Web site.

The vulnerability affects Mozilla ( version 1.7.0 and earlier), Firefox (0.9.1 and earlier), and Thunderbird (0.7.1 and earlier)

Full new versions of the free products are also available from the site, Mozilla said.

Software Development

Topics

About

Policies

Our Network

More

Mozilla moves to fix security vulnerability

Users urged to download patch

More from this author

Online fraud: We got law, but no enforcement

UN organizes open-source software day across Asia

Reports: Open-source software alliance formed in China

Microsoft, Apple sued for offering online updates

First Windows CE virus emerges

California antitrust deal with Microsoft approved

Teacube PC promotes open embedded standard

COMMUNICASIA – Society set to kill off spam, academic says

Show me more

Stop using AI to submit bug reports, says Google

The ‘toggle-away’ efficiencies: Cutting AI costs inside the training loop

AI optimization: How we cut energy costs in social media recommendation systems

How to build desktop apps in Typescript with Electrobun

Write and run assembly in Python with Copapy

Run AI Models Locally on Your PC — No Cloud Required (LM Studio Guide)