We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Firefox 0.9 holes detected

Upgrade to new version 1.0 now

In the very week Mozilla Firefox version 1.0 was launched, a series of potentially nasty security holes have been uncovered in older versions of the browser.

They have been classified by security company Secunia as "moderately critical", and could be exploited to "detect the presence of local files, cause a DoS (Denial of Service), disclose sensitive information, spoof the file download dialogue, and gain escalated privileges," the company's advisory notes.

In plainer English, this could allow malicious theft of passwords in Windows systems by way of directory file shares, spoofing of file extensions during file downloads and the launching of a DoS attack of sorts on affected systems.

The answer is for users to upgrade immediately to version 1.0, released only days ago. The problems are assumed to affect all versions up to version 0.9.

Of the Mac OS X version, Secunia says: "Firefox is installed with world-writable permissions, which potentially can be exploited by malicious, local users to gain escalated privileges," so the problem is not only one that hits Windows versions.

Microsoft’s Internet Explorer has come in for heavy criticism for its regular security problems, caused, some have claimed, by the company’s unwillingness to invest in development. It looks as if Mozilla’s open source method will have to work hard to keep up as well. The battle between the passionate volunteers that work for the Mozilla Foundation, and the megalithic Windows giant goes on.

IDG UK Sites

Android M / Android 6.0 UK release date and new feature rumours: Android M live video stream -...

IDG UK Sites

Why I think the Apple Watch sucks and you'd be mad to buy it

IDG UK Sites

Ben & Holly's Game of Thrones titles spoof is delightfully silly

IDG UK Sites

Jony Ive 'semi-retired' into new role: kicked upstairs as Chief Design Officer