Suspected PayPal Hackers Seek Deal To Stay Out Of Prison
Did A Google Earth Mistake Cause A Couple's Brutal Murder?
Yet Another Security Flaw Hits Firefox 3.5 Web Browser
Here at Switched, we're big fans of Firefox, the once alternative Web browser from Mozilla that, within a few years, has become hugely popular, with nearly one in four Web surfers using it today. We quickly downloaded the 3.5 release when it was made available a few weeks ago -- alas, a raft of security warnings are making us wonder whether that was necessarily the best idea.Not long after the eagerly-anticipated 3.5 release, a major security vulnerability was found -- a flaw that could have allowed shady Internet sites to infiltrate your computer and, possibly, install spyware. That flaw was patched last week, but now, just a few days later, another security hole has been found. It's called the "Unicode Data Remote Stack Buffer Overflow Vulnerability," and, as of now there's no fix from Mozilla.
Should you be worried? Probably not, as it's unlikely that more than a handful of sites are using this exploit, and they're surely relegated to the darkest corners of the Web. This is really just more of a black eye for the browser, which was pledged as a more secure alternative to Microsoft's Internet Explorer. Still, you should always be careful and be wary before you go to random sites you've never heard of -- and, when Firefox prompts you about an important security update in a day or two, you'd best install it. [From: SecurityFocus, via DownloadSquad]
12 Common Workout Myths Debunked
Forbidden America: Cold War-Era Map Shows No-Go Zones For Soviet Tourists
Powerball Jackpot Winning Ticket Purchased In Florida
Tenants: Stench of Death Makes St. Louis Complex 'Unlivable'
Chili's Waitress Fired Over Facebook Post Insulting 'Stupid Cops'
Courtney Stodden Has A Sex Tape
Man Takes Dump In Background Of Instructional Workout Video
2013 Billboard Music Awards: Arrivals Photos From the Blue Carpet!
River Lost 150 Pounds: 'There Is Hope. Grab Onto It'
Ricardo Cerezo, Facing Eviction, Finds $4.85 Million Lottery Ticket
2013 Billboard Music Awards: All the Winners!
LOOK: Dolphins Make Rare Underwater Find
MIT's cheetah robot runs faster, more efficiently, can carry its own power supply (video)
Forever 21 Worker Fired After She Tells Her Traumatic Story
How Kidnapping Suspect Passes Time Behind Bars
Taylor Swift Q and A: What Does She Splurge on in Las Vegas?
Police Investigate Student Shooting Death
PHOTOS:Eva Longoria's Almost Wardrobe Malfunction At Cannes
Radio Host Makes Shocking Claim About Shooting Hillary Clinton
Obama Approval Rating Not Hurt By Scandals
These American Companies Refused To Sign The Bangladesh Safety Accord
Marine Reunited With Four-Legged Friend
PREGNANT!
Former OJ Attorney Gives Shocking Testimony
PHOTO: Looking Good! Chaz Bono Loses 65 Pounds
Teen Who Died During Her First Solo Drive May Have Been Texting
Student Shot Dead During Botched Home Invasion
Guess Which State Boasts The Most Million-Dollar Homes?
McDonald's Store Owners Fear Fast Food Chain Becoming Too Slow
New Leads In Case Of Missing British Girl
Comments
2
Subscribe to commentsHeimbachaeJul 20th 2009 10:45AM
i'm stickin to safari
asadotzlerJul 20th 2009 12:12PM
"That flaw was patched last week, but now, just a few days later, another security hole has been found. It's called the "Unicode Data Remote Stack Buffer Overflow Vulnerability," and, as of now there's no fix from Mozilla."
This is absolutely wrong. It is neither a stack buffer overflow nor an exploitable crash.
" Should you be worried? Probably not, as it's unlikely that more than a handful of sites are using this exploit, and they're surely relegated to the darkest corners of the Web."
There is no exploit. The crash is not exploitable. Please read Mozilla's official announcement explaining this:
http://blog.mozilla.com/security/2009/07/19/milw0rm-9158-stack-overflow-crash-not-exploitable-cve-2009-2479/