× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. PCTECH
  3. July 2004

Just when you thought it was safe to go back in the water...

...well, go back surfing anyway ;) 

For those of you that have recently switched to Mozilla or Firefox / 
Thunderbird on Windows there's a recently discovered security bug :( 

>From http://mozilla.org/security/shell.html - more details & links to 
patches & latest, fixed, versions are there too.

-----------------------------------------8<--------------------------------
What Mozilla users should know about the shell: protocol security issue

On July 7 (yesterday) a security vulnerability affecting browsers for the 
Windows operating system was posted to Full Disclosure, a public security 
mailing list. On the same day, the Mozilla security team confirmed the 
report of this security issue affecting the Mozilla Application Suite, 
Firefox, and Thunderbird and discussed and developed the fix at Bugzilla 
bug 250180. We have confirmed that the bug affects only users of 
Microsoft's Windows operating system. The issue does not affect Linux or 
Macintosh users.

Today, the Mozilla team released a configuration change which resolves this 
problem by explicitly disabling the use of the shell: external protocol 
handler. The fix is available in two forms. The first is a small download 
which will make this configuration adjustment for the user. The second fix 
is to install the newest full release of each of these products. 
Instructions on administering these changes can be found below.
[snip]
----------------------------------------->8----------------------------------

Regards, Martin
-- 
martin@xxxxxxxxxx  AIM/Gaim: DBG400dotNet  http://www.dbg400.net   /"\
DBG/400 - AS/400 & iSeries Open Source/Free Software utilities     \ /
Debian GNU/Linux | ASCII Ribbon Campaign against HTML mail & news   X
                                                                   / \

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.