NoScript Blocks Latest Firefox Bug - Security Corner
Home > IT Blogs > Security Corner > NoScript Blocks Latest Firefox Bug
>>VIEW ALL POSTS  

Security Corner

« Worm Targets Home Networking Equipment
What Will Conficker do on April First? »
Mar 27 2009   5:32PM GMT

NoScript Blocks Latest Firefox Bug



Posted by: Ken Harthun
Security, Browsers, Secure Computing, Security management, Firefox, NoScript, Scripting, Exploits, Vulnerabilities

Got NoScript? If not, get it–the latest Firefox bug, an XML tag remote memory corruption vulnerability released on Wednesday, is mitigated by having the NoScript addon installed.

The bug can be exploited by a malicious website and can cause the browser to execute malware with no user intervention. All 3.0.x versions of Firefox running on Windows, Mac, and Linux operatintg systems are vulnerable. According to the Mozilla Wiki, the patched version, Firefox 3.0.8, “…is a high-priority firedrill security update to Firefox 3.0.x” and will be rolled out April 1.

The 3.0.8 release also fixes the Pwn2Own bug discovered at CanSecWest 2009, an issue that NoScript also mitigates.

I’ve said it before (see “Software for Secure Computing: Firefox & NoScript“); now’s a good time to say it again: install NoScript, and enjoy secure computing.

SecurityFocus bulletin: http://www.securityfocus.com/bid/34235/info.
The Register article: http://www.theregister.co.uk/2009/03/26/new_firefox_exploit/.
Mozilla Security Blog post: http://tinyurl.com/mozillasecurityblog

AddThis Social Bookmark Button     Comment     RSS Feed     Email a friend

Comment on this Post


You must be logged-in to post a comment. Log-in/Register