Firefox Develops Security Holes

Techtree.com ^ | May 09, 2005 | Techtree News Staff

[Bush2000]

I will grant you that, regardless of what MS is currently doing, the existence and utilization of virus and spyware scanners is an unnecessary and counterproductive thing. I'll make the prediction right now: Combined with restricted user accounts and other sorts of security policy limitations that will be introduced over the next few years, we will see a much safer Windows. Now, of course, that won't help people that are currently using Win9x or WinXP. But vastly better security is a compelling reason to upgrade -- and MS apparently realizes this.

[frogjerk]

Please cite specifics to support your argument.

[ShadowAce]

Firefox has released a new security update less than a week after the issues came to light.

[D-fendr]

It updates and runs in the middle of the night, when I'm not using the machine. So where's the downside for me?

Not to be too picky, but.. You're still vulnerable to exploits which spread rapidly - before your nightly update - and to exploits, worms and such, not protected by anti-virus/spyware.

[D-fendr]

Thanks very much for your reply:

From what the press reports say, MS will make IE run with reduced privileges…

That's good news, and if it is integrated with restricted accounts, hopefully it will make exploits using Active-X and VBS less of a possibility.

vastly better security is a compelling reason to upgrade -- and MS apparently realizes this.

Do you have any thoughts or information on backward compatibility of apps with Longhorn?

Appreciate your replies and discussion...

[N3WBI3]

Straw man. Nobody is saying that. Point me to a post that says that, if you disagree.

hmm how about this " The ONLY reason Firefox and the Mac browsers are "safer" is simply because they are not used extensively enough for hackers to bother with them!..

Bold and Uppercase...

[Bush2000]

Not to be too picky, but.. You're still vulnerable to exploits which spread rapidly - before your nightly update - and to exploits, worms and such, not protected by anti-virus/spyware.

No, I'm not. Since I use a combo wireless AP/cable router/firewall ($50, street), you can probe my network ports all you want. I can hear you knockin' but you can't come in...

[Bush2000]

That's good news, and if it is integrated with restricted accounts, hopefully it will make exploits using Active-X and VBS less of a possibility.

I hope so, too. The complication is that it will make software installation more difficult. But I'd consider that a net positive.

Do you have any thoughts or information on backward compatibility of apps with Longhorn?

I've heard that at least Win2K/WinXP compatibility is a goal.

Appreciate your replies and discussion...

Ditto.

[Golden Eagle]

Does this "patch" require a full new install of the entire product like the previous "upgrades" did?

[Betis70]

No.

[N3WBI3]

post alpha 0.9 I have never had to reinstall firefox, it is always an online patch that only requires a browser restart..

[Golden Eagle]

post alpha 0.9 I have never had to reinstall firefox, it is always an online patch that only requires a browser restart..

According to this article you have. And I'll trust eWeek every time.

the rollout of its first security patch, Firefox 1.0.1, was delayed for several days because of server overload problems...Besides, this 'update' isn't really an update. It's a complete new installation of Firefox 1.0.1.

I can't see how may megs this latest patch is either, since their servers are currently overloaded again.