Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The vulnerability arises when the browser processes JavaScript code to handle HTML font tags, the advisory said. An exploit can cause a memory corruption buffer overflow, which could lead to a compromise on an affected system.“If your browser (Internet Explorer, Firefox, etc.) or its plug-ins (Adobe Flash Player, QuickTime, Sun Java, etc.) contain vulnerabilities, then you're exposed to security threats every single time you visit a website,” Secunia spokesman Mikkel Winther told SCMagazineUS.com in an email.No patch is available yet from Mozilla, though exploit code has been posted on exploit repository milw0rm, which has reopened after temporarily shutting down.Until a patch from Mozilla is available, US-CERT has encouraged users and administrators to disable JavaScript to mitigate any risks associated with the vulnerability. On its site, US-CERT describes a method to turn JavaScript off.If that is untenable, Secunia said the best way to avoid being infected is to practise safe web surfing. “We can only recommend that users refrain from visiting untrusted websites,” Winther said. See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.