Search Perform an advanced search query SOFTPEDIA
 
SOFTPEDIA
Updated one minute ago
HomeSubmit a program for being reviewedAdvertise on our websiteGet help on surfing our websitesSend us your feedbackGet information about our XML/RSS backend and how to use itBrowse the news archiveVisit our discussion forumVizitati forumul in limba romana



KLIP
  1. HOME
  2. SCIENCE
  3. TECHNOLOGY
  4. WEBMASTER
  5. SECURITY
  6. MICROSOFT
  7. LINUX
  8. APPLE
  9. GAMES
  10. TELECOMS
  11. REVIEWS
  12. LIFE & STYLE
  13. EDITORIALS
  14. INTERVIEWS
  15. RSS
Welcome!
Hello, Guest

Login if you have a Softpedia.com account.

Otherwise, register for one.

ADVISORIES

Firefox Security Flaw Affecting Gmail's Users

- The Firefox JAR vulnerability still there

By: Bogdan Popa, Security and Search Engines Editor

Last week, security companies around the world spotted a new vulnerability in Mozilla Firefox which could allow the attackers to use a malicious JAR file to harm users' computers. The security flaw is still there and moreover, it seems it affects most websites on the Internet including the super search giant Google.
GnuCitizien wrote that Michal Zalewski from Google (you know, that famous hacker who joined Googleplex) required additional information about a potential exploitation over the company's technologies. In addition, beford.org discovered a way to steal the Gmail contact list using a malicious JAR file especially created to take advantage of the Firefox vulnerability.

I'm not going to offer you more details about it but I'll give you a tip on how to remain protected against attacks. You can always install the NoScript extension which was already updated to provide protection for this exploit. In case you never tried it, NoScript is an add-on designed to work with Mozilla Firefox which is supposed to disable the webscripts included on the websites you choose.

Obviously, you can always choose another browser to visit the Internet pages which will surely keep you away from the Firefox JAR attacks. But in case you're a Firefox-addicted user, I think you can try signing out of your account but I'm not sure this would be 100 percent efficient. However, stay away from dangerous websites and unknown links which could attempt to steal your private Google information.

Now, since the flaw affects both Google and Firefox, I'm pretty curious to see which will be the first company to patch it. "Who's fault? Both, Google for having open redirect issues and not fixing them, and Mozilla Corporation for failing to address this problem," beford wrote.

You can download the latest version of Firefox straight from Softpedia.

MORE RELATED ARTICLES: Firefox 3.0 to Support Offline Applications How to Get The Best of Google Firefox 3.0 To Bundle Google's Security Tools Google Toolbar for Firefox Updated! Google Gets More Firefox Support Google Is God
 
Comments | Link here | Subscribe
Print | Send to friend
Today's News | Yesterday's News

Search:

TAGS: firefox google flaw security jar

12th November 2007, 08:08 GMT | Copyright (c) 2007 Softpedia | Contact:
Read by 1,234 user(s) | Rating: | 8 vote(s) so far | Cast your vote:
Firefox Security Flaw Affecting Gmail's Users - USER OPINIONS




We are sorry, there are no opinions available for this article.


SHARE YOUR OPINION ABOUT Firefox Security Flaw Affecting Gmail's Users

Since you are not logged on, your comments will have to be approved before being displayed.
Click here to login, or register.
Your Name:
Your Email:
Type in the result:
Your Opinion:
 


DO YOU WANT TO CONTACT US?  

If you have some comments or you want to send us some information you can send us an email directly to .
You can use the form below for the same purpose.
Your full name: (at least 3 characters)
Your email address: (at least 5 characters)
Message subject: (at least 5 characters)
Message text:
(at least 10 characters)
Type in the result:
 
 
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and Softpedia™ logo are registered trademarks of SoftNews NET SRL.
Copyright Information | Privacy Policy | Terms of Use | Contact Softpedia | Update your software | Archive