[zeugma]

If you're using Firefox, turn off your history to keep evil sites from being able to crash your browser.

The actual likelihood of running into one of these unless you regularly browse through the shady side of the net, but it's always bettyer to be safe than sorry. Note: that this particular defect does not propagate. That is, it is not a virus or worm. Some nasty person can make your browser crash, which can be fairly traumatic I'll admit after your browser has been up for a week or so with 30 tabs - but still.

[FEARED MUTATION]

the shady side of the net

Does that include porn sites?

[Terpfen]

If you're using Firefox, turn off your history to keep evil sites from being able to crash your browser.

Proof of concept code does not equal an exploit in the wild.

You know, it's really nice of these security companies to wait until the final release before announcing these things. Mozilla puts out nightly builds, betas, and release candidates for a reason.

[don-o]

If you're using Firefox, turn off your history to keep evil sites from being able to crash your browser.

Is it turned off, if nothing drops down when you click on the address bar?

[ThinkDifferent]

The sample exploit doesn't crash Firefox on my system with OS X 10.4.2. It does seem to make Firefox take a long time to quit and launch though.

[raybbr]

Do you have any tips on running firefox from a removable drive? I haven't tried it yet but people here at work say they run it from their jump drives.

[tubebender]

How many users of Firefox 1.5 are out there?

[antaresequity]

This is not possible. Firefox and Linux are bullet proof and only Microsoft makes crappy software.

Move along...

[PilloryHillary]

bump for later

[DJ MacWoW]

ping

[montag813]

"If the topic of a page is crafted to be long enough, it will crash the browser each time it is started after going to such a page," according to the Internet Storm Center posting. "Once this happens, Firefox will be unable to be started until you erase the history.dat file manually."

That's all? Big freakin deal.

[King Moonracer]

Thats nothing, IE will crash when you look at it. Something about photons bouncing off your eyeballs...

[WalterSkinner]

..it's still more secure than IE...

[Tarpon]

It is worth pointing people to the Noscript extension -- It’s a Firefox extension that applies a default-deny policy to JavaScript, so that scripts will only run from servers that you explicitly allow. Javascript is becoming the new 'activeX exploit' and is the source of those popups that get past the usual blockers, like on Drudge.

[VOA]

bump

[goldstategop]

The story states this flaw can be exploited if you do NOT have an antivirus program/firewall on your computer. If you have one, then you are protected against a browser exploit.

(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie.Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")

[goldstategop]

Its NOT an issue. It happens only on a system where you are not running a firewall or anti-virus software. If you have complete protection, Firefox is a great little browser.

(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")