What are you doing here? Get patching...

| No Comments

A couple of hours ago, a new security release of Mozilla Firefox has become available. This 1.0.3 version fixes the following issues :

MFSA 2005-33 Javascript "lambda" replace exposes memory contents (moderate)
MFSA 2005-34 javascript: PLUGINSPAGE code execution (high)
MFSA 2005-35 Showing blocked javascript: popup uses wrong privilege context (moderate)
MFSA 2005-36 Cross-site scripting through global scope pollution (high)
MFSA 2005-37 Code execution through javascript: favicons (criticial)
MFSA 2005-38 Search plugin cross-site scripting (moderate)
MFSA 2005-39 Arbitrary code execution from Firefox sidebar panel II (critical)
MFSA 2005-40 Missing Install object instance checks (moderate)
MFSA 2005-41 Privilege escalation via DOM property overrides (critical)

As proof-of-concept code becomes available much quicker these days, you can bet on it that in a matter of days, new spyware, adware and trojans will be exploiting these issues, so patching them asap has become even more essential. In other words : upgrade to Firefox 1.0.3 right now. Update 17/04/2005 : POC exploit code is already available for the "Arbitrary code execution from Firefox sidebar panel II" as well as the "Code execution through javascript: favicons" bugs in pré 1.0.3 versions of Firefox. More in on the F-Secure weblog.

Oh, I hope you didn't miss the Microsoft security patches that were released on thursday? (8 patches, of which 5 were rated critical, 3 important and affected the following programs : MSN Messenger, Office, Internet Explorer, Windows 98/Me/2000/XP/2003 - something for everyone!)

Has anyone seen the article in The Register, titling "Virus writers have girlfriends - official"? I tell you, one day Geeks will rule the world!

I've been busy so far : I've got a second load of laundry in the machine, the tumbledryer is drying the first load - it's too wet outside to air-dry today - and I've handwashed two neckties, they are airdrying in the bathroom. The dishwasher is ready too, and only needs to be unloaded now. Which leaves the following tasks at hand : shower, shave, unload dishwasher, tumbledry second load when done washing, fold and put away the first batch of laundry, entertain ferrets, feed ferrets, quick-clean ferret cage, have something to eat, get dressed, write some CD's.

And all of that before 16h00, because I'll be leaving for Joco's place then.

Leave a comment

Monthly Archives


OpenID accepted here Learn more about OpenID
Powered by Movable Type 5.04

About this Entry

This page contains a single entry by ServMe published on April 16, 2005 11:26 AM.

So far, so good was the previous entry in this blog.

Clearing errors in MT logs is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.