Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Firefox users are being advised to update their browsers in the wake of new security patches from Mozilla.
The company this week issued updates for a pair of vulnerabilities in versions of Firefox prior to 3.5 which could allow attackers to steal personal data and remotely execute code.
The first of the two flaws lies in the handling of Secure Socket Layer (SSL) protocol and if exploited could allow an attacker to issue false security certificates and possibly steal user data. Discovery of the flaw was attributed to researchers Dan Kaminsky and Moxie Marlinspike.
The second of the two vulnerabilities, also discovered by Marlinspike, could allow for remote code execution. An attacker could exploit the flaw by using a specially-crafted certificate to cause a application crash and leave users vulnerable to further attacks.
Mozilla said that Firefox 3.5 was not believed to be vulnerable to either of the reported issues. Firefox 3.0 users are being advised to update to the 3.5 version of the browser.
The company issued an update for Firefox 3.5 in mid-July to fix an unrelated flaw in the browser's JavaScript component.
The new releases come just days after the company marked the one billionth download for the popular open source web browser.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.