FAO Firefox Users: New version (more security flaws....)

[DeludedGuy]

THE Mozilla Foundation has released a new version of the popular open source Firefox internet browser that plugs two critical and four high-risk security flaws.

The problems were flagged in the latest 1.0.5 release of the browser, which fixes 12 issues in total.

One of the critical flaws allows hackers to "execute code with enhanced privileges", while the other could allowt hem to steal information, including cookies and passwords, via the browser's support for various media players, such as Macromedia's Flash and Apple's QuickTime.

http://download.mozilla.org/?product...win&lang=en-US

[Stoo]

oddly enough I just happened to check the firefox site on Tuesday and spotted the new version, which is odd as firefox usually bleats when there's a new one out..

[ajbrun]

Yeah - it's not even done that for me either .

[Matt1eD]

same here, I'm glad it's not just me

Edit: looks like it's because v. 1.0.4 is still available 1.0.5 is only available in American English

[Xaneden]

And everyone said Firefox is MUCH more secure eh? Is it just me or are we easily getting to the stage where the monthly load of new exploits is equal between IE and Firefox.....?

Go IE7 I say.......

[directhex]

And everyone said Firefox is MUCH more secure eh? Is it just me or are we easily getting to the stage where the monthly load of new exploits is equal between IE and Firefox.....?

Go IE7 I say.......

firefox receives updates as needed, to address possible security problems.

msie receives updates on a monthly schedule, to fix proven and exploited security issues of variable vintage

spot the difference.

[Matt1eD]

Also due to be open source anybody can look at the code and report the flaws. Therefore they often get looked at or addressed quicker. I believe there's also a financial incentive for doing so????

http://www.whitedust.net/section.php...onName=Mozilla

[Kezzer]

And everyone said Firefox is MUCH more secure eh? Is it just me or are we easily getting to the stage where the monthly load of new exploits is equal between IE and Firefox.....?

Go IE7 I say.......

At least it's more of a regular occurence and at least the mozilla crew fix issues which have been listed as opposed to MS not fixing holes which have existed literally for years.

Also, i already know some developers who have spotted many flaws in IE7 already

[Xaneden]

Well, you knowing some developers is hardly conclusive now is it?

[Stoo]

Neither is your counter-argument.

[Kezzer]

Well, you knowing some developers is hardly conclusive now is it?

http://ppleyard.org.uk/archives/2005....html#more-230

[Xaneden]

Well, imho it is. How can Mozilla state it is 'secure' when in fact it is having around the same amount of exploits etc as IE montly? Granted, they release updates more often (because thats their main and realisicatlly ONLY major commerical product), but surely that doesn't stand up to the hype about it being 'the most secure browser ever'. If you want a trully secure and intuitive browser, use Opera.

IE imho has a good mix between both security, functionality (and of course its shell intergration helps ). Granted, it has its fair share of exploits, but like Firefox, fixes them to a viable extent.

#EDIT# Oh, and as for your link, isn't it a bit unfair to make an ussumption about a pre-beta piece of software? Microsoft have already stated it is not completed GUI wise.

[Kezzer]

You're kidding right? Have you seen the figures comparing the amount of infected PC's using IE, and ones using alternative browsers? It's got nothing to do with the amount of fixes per month at all, it's to do with which is most secure. Firefox is more secure. The figures show that.

[Xaneden]

No, the amount of new exploits found (about 2 months ago, not seen this months) were more for Firefox than they were IE. True, Mozilla fixed their exploits faster, but as I have said, that is the key product.

And as for your assumption that more people have spyware who run Internet Explorer, I'd have to agree with you totally. But you have to be 'kidding' if you can't see that IE having the market majority leads to its customers having more spyware; not down to it being bad software, but due to the scope of spyware being spread across IE's larger majority.

[scotty6435]

You're kidding right? Have you seen the figures comparing the amount of infected PC's using IE, and ones using alternative browsers? It's got nothing to do with the amount of fixes per month at all, it's to do with which is most secure. Firefox is more secure. The figures show that.

I doubt the fact that 90% of people who use other browsers are very competant at computers was included in that study. No browser is 100% secure but FF is far better than IE. My parents machine (IE) gets around 5 viruses a month from various sources, I (FF) get none..... ever and we use the same antivirus and spyware programs.

[joshwa]

Another way to look at this is: spyware/anti virus software is just a secondary measure, it's like spraying water at a dog who's wandering into your garden because you don't have a fence - whereas if everybody had a fence then the dog wouldn't be able to get in in the first place - I think everybody should have their PC behind a proper firewall/router solution then viruses(and spyware) can't just spread round so easily... surely a lot of the blame is down to the broadband ISPs just leaving the networks completely open...