Gaps in the appendices jeopardize the security of Firefox users      

Posted: 23 November 2009 by Anton Chuiko   |   Views: 380   |   Comments 1   |   Print     |   Discuss in forum
altSecurity experts have found in many popular extensions for Firefox security issues. They warn that the use of plug-ins may reduce the level of the whole system.

One reason for the popularity of Firefox is the ability to expand browser functionality with add-ons. Some, like NoScript even raise the level of security while you surf. The problem is that there is no defined boundary between the browser and extensions. This means that the problem of security contained in the Appendix some may discredit the whole system. In addition, this promotes the fact that the developers of plug-ins often take their hobby occupation and safety are not as extensive as the competence of the browser developers.

Media reported that security experts discussed the problem at a conference in India, where among other things, demonstrated how to use a type of Zero Day exploits against many popular Firefox extensions. It appears that the critical vulnerabilities include, for example, two RSS feeds: Sage to version 1.4.3 and Yoono 1.1.4.2, as well as the addition of social networking Yoono 6.1.1.

Tags: mozilla, firefox
 
 (Votes #: 0)

Related News:
    Security Vulnerability in Firefox Wikipedia Toolbar
    Service provider of security Secunia posted information about critical security affected in addition to Firefox called Wikipedia Toolbar. Found a potential vulnerability allows attackers to discredit the system.

    Firefox will warn of an outdated Flash
    Tuesday, September 8, Mozilla will make available new versions of its browser, bearing numbers 3.0.14 and 3.5.3. Both release program will be equipped with the function of checking the news installed in Adobe Flash.

    Microsoft warns against the use of plug-in Frame
    For security reasons, Microsoft discourages the use of plug-in Google Chrome Frame, through which users can use the Render Engine Chrome Internet Explorer. The company has prepared a number of improvements and updates that are supposed to make the br ... More

 
 
 
 

1Todd Pringle   

Quote           
24 November 2009 03:43   |   Group: Guests   |   Publications: 0   |   Comments: 0    
The Yoono vulnerability cited here was fixed in Yoono 6.2 which was released in August.
 
 
 
 

Add comments

Name:
E-Mail:

Code:
Include security image CAPCHA.
update code
Enter code: