Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

Flawed Firefox Foxes IT departments

  • 13 July, 2007 16:37

<p><b>Despite Patch Tuesday, IT administrators are forced to turn their attentions to a zero-day exploit on Mozilla Firefox and Internet Explorer.<b></b></b></p>
<p>“Patches aren’t the only concerns that IT administrators have to worry about today with an active zero day exploit on the loose. The exploit results from an interaction between Mozilla Firefox and Internet Explorer and could allow a hacker to take complete control over victims systems simply by visiting a malicious website or opening an e-mail. The risk is limited to those who have Firefox 2.0.0.2 or greater installed. This flaw enables Firefox to call on other web resources and security researchers allege that the URI “firefoxurl:// is open to malicious code injection that could leave users at risk.</p>
<p>“While Mozilla is currently working on a fix, organizations need to a proactive approach to mitigate risk to the network by alerting its users to be careful when browsing the web and only visit trusted sites. This is a serious vulnerability and companies should consider disabling active scripting in html to limit their exposure to this threat. While there are three critical patches that IT administrators have to deal with today, companies should prioritize and deploy the fix immediately for this exploit when it’s released.”</p>
<p>Should you wish to discuss this in detail with Chris Wood, ANZ Director, please contact Sarah at Kinetics on 02 9212 3848 or sarah@kinetics.com.au</p>

Most Popular