14 DAY TRIAL // FireFox is trying to maintain for as long as possible the image of the secure software solution, and for that reason, in less than a month published two security patches. The vulnerability solved by this actualization was discovered by Internet Security Systems, but was solved before this company released its usual reports to the users.
The Mozilla foundation released a new patch for the Firefox browser and recommends all users to install it. The tracked vulnerability is caused by a buffer overflow type error which takes place during the processing of a specific extension block implemented by Netscape within GIF images.
This security breach may be used by a hacker to execute a malicious program on the victim's system. This attack is launched when accessing a modified web page or through an email message containing an also modified GIF image.
Another problem is related to the interpretation of the XUL files, such a special file "tinkered with" by a hacker can be utilized to avoid accessing restrictions of a privileged XUL file.
The Mozilla foundation is making important efforts to ensure the open-source Firefox the highest level of stability and security, these being the biggest advantages Mozilla has against Internet Explorer, accused several times for the numerous security breaches.
In the case of the open-source community, at least this time, the repair of the vulnerability was carried before the users found it. Internet Explorer still has security "holes" in several components, despite warnings and security reports published by the antivirus producing companies.
Mozilla published along with Mozilla Firefox 1.0.2 another series of patches for its own products: Mozilla Suite 1.7.6 and Mozilla Thunderbird 1.0.2, all available for download on the official Mozilla page.