1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Firefox 3.5 suffers critical JS flaw

Discussion in 'Article Discussion' started by CardJoe, 16 Jul 2009.

  1. CardJoe

    CardJoe Freelance Journalist

    Joined:
    3 Apr 2007
    Posts:
    11,343
    Likes Received:
    292
  2. lp1988

    lp1988 Well-Known Member

    Joined:
    24 Jun 2008
    Posts:
    1,288
    Likes Received:
    64
    Running 3,5 but not using that manny diffrent sites so as long there is a fix within a reasonable timespan, I won't be worried.
     
  3. pimonserry

    pimonserry sounds like a party.

    Joined:
    20 Dec 2008
    Posts:
    2,113
    Likes Received:
    75
    I'm still on 3.0.11 because not all of my addons work with 3.5. Now I feel even better about it :clap:
     
  4. Jozo

    Jozo This is bit-tech

    Joined:
    14 Mar 2009
    Posts:
    171
    Likes Received:
    1
    LOL I just upgraded yesterday. How does the "flaw" affect Vista with its UAC?



    Ctrl + Shift + Pr0n for the win
     
  5. Turbotab

    Turbotab I don't touch type, I tard type

    Joined:
    4 Feb 2009
    Posts:
    1,217
    Likes Received:
    59
    Simple work around using about:config, but it look likes tracemonkey is still being a naughty sod. I wonder if you have to be running an admin level account, for the remote software to install?
     
    Last edited: 16 Jul 2009
  6. thehippoz

    thehippoz New Member

    Joined:
    19 Dec 2008
    Posts:
    5,780
    Likes Received:
    174
    yeah vista uac would catch this I would think.. thanks for the heads up though- running the 3.5 guinea pig
     
  7. Turbotab

    Turbotab I don't touch type, I tard type

    Joined:
    4 Feb 2009
    Posts:
    1,217
    Likes Received:
    59
    There are malware packages that attempt to gain admin level access, by trying to crack the admin account's password, which in many cases may be very weak.
     
  8. Otto69

    Otto69 New Member

    Joined:
    6 Oct 2007
    Posts:
    253
    Likes Received:
    3
    I'm still using 2.x on some of my computers because 3.x can be a performance and reliability pig.

    Also I just LOVE how every install of Firefox is a crapshoot as to whether it will delete some or all of my myriad bookmarks.
     
  9. thehippoz

    thehippoz New Member

    Joined:
    19 Dec 2008
    Posts:
    5,780
    Likes Received:
    174
    yep.. actually if your like alot of people on pre-builts they put the password unencrypted in the registry- and they disable the uac anyways

    the overflow should set off the uac though- I'm just guessing and not willing to try it- maybe after this weeks backup and they have no patch lol
     
  10. pendragon

    pendragon I pickle they

    Joined:
    14 May 2004
    Posts:
    717
    Likes Received:
    0
    glad I use both IE and Firefox ..always have the freedom to use one or the other!
     
  11. airchie

    airchie New Member

    Joined:
    22 Mar 2005
    Posts:
    2,136
    Likes Received:
    2
    It runs at whatever level you're logged in as so if you're running a restricted user account then you should recieve minimal damage.

    xmarks FTW. ;)

    Or alternatively, you have double the number if infection vectors to worry about... ;)

    FF + Noscript + xmarks = tehwin IMO :D
     
  12. l3v1ck

    l3v1ck Fueling the world, one oil well at a time.

    Joined:
    23 Apr 2009
    Posts:
    12,945
    Likes Received:
    17
    I use NoScript anyway. It's a genius little addon.
     
  13. sear

    sear Guest

    NoScript and Adblock, coupled with Spybot's immunisation and SpywareBlaster's magic stuff, basically make Firefox an impenetrable fortress. The only way my computer's getting infected is if I let it get infected.
     
  14. impar

    impar Well-Known Member

    Joined:
    24 Nov 2006
    Posts:
    3,101
    Likes Received:
    41
  15. dicobalt

    dicobalt New Member

    Joined:
    21 Mar 2009
    Posts:
    169
    Likes Received:
    2
  16. p3n

    p3n New Member

    Joined:
    31 Jan 2002
    Posts:
    778
    Likes Received:
    1
    Your using UAC? rofl

    It probably has no idea whats going on inside firefox, just that it allowed FF to run...
     
  17. impar

    impar Well-Known Member

    Joined:
    24 Nov 2006
    Posts:
    3,101
    Likes Received:
    41
    Greetings!

    3.5.1 is now available through the auto update.
     
  18. crazyceo

    crazyceo New Member

    Joined:
    24 Apr 2009
    Posts:
    563
    Likes Received:
    8
    This is hilarious.

    ALL HAIL IE8!!!!!!!!!!!!!!
     
  19. kingred

    kingred Surfacing sucks!

    Joined:
    27 Mar 2008
    Posts:
    2,462
    Likes Received:
    87
    Before people start touting x is more secure the same vulnerability has been proven to crash safari, kill the process in ie8 and just makes chrome lockup.
     
  20. crazyceo

    crazyceo New Member

    Joined:
    24 Apr 2009
    Posts:
    563
    Likes Received:
    8
    Yeah but you have to have a little fun every now and then.
     
Tags: Add Tags

Share This Page