GCN Tech Blog

By GCN Staff

Blog archive

The Fox is learning what it's like to be IE

We have it on good authority that about 83 percent of you are currently viewing GCN.com through Microsoft Internet Explorer. This blog entry isn't necessarily for you.

(Only about 1 percent of you still use Netscape Navigator. Who? During a phone conversation the other day, HUD CIO Lisa Schlosser was trying to launch a URL from an e-mail message and it brought up Netscape. When a GCN editor voiced surprise, she said HUD still had a few legacy applications that required Netscape, but that they'd convert those stragglers soon. By the way, Lisa just gave an excellent presentation on service-oriented architecture at GCN.com--you can register for a replay.)

But back to the point. You may have already seen it, but US-CERT this week saw fit to issue a browser/e-mail vulnerability alert--and its for the Mozilla family of open-source products, including the Firefox browser.

Firefox is still thought to be more secure than Internet Explorer, but experts are saying this is the first time in memory that the Mozilla suite, which also includes the Thunderbird e-mail client, has been riddled with multiple vulnerabilites. In this case, according to US-CERT, the flaws could allow an attacker "to take control of your computer."

Securty firm Secunia called some of the flaws "highly critical." In its alert Secunia says, "Multiple vulnerabilities have been reported in Firefox, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks, bypass certain security restrictions, disclose sensitive information, and potentially compromise a user's system."

To Mozilla's great credit, the open-source group already released fixed versions of the affected software, including Firefox (look for version 1.5.0.2). What's clear about the browser-security wars is that the question going forward will not be which browser has the fewest flaws, but which developer can address the flaws fastest.

Posted by Brad Grimes

Posted by Brad Grimes, Joab Jackson on Apr 20, 2006 at 9:39 AM


inside gcn

  • data protection (Ditty_about_summer/Shutterstock.com)

    More states appoint chief privacy officers to protect people’s data

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

resources

HTML - No Current Item Deck
  • Transforming Constituent Services with Business Process Management
  • Improving Performance in Hybrid Clouds
  • Data Center Consolidation & Energy Efficiency in Federal Facilities

More from 1105 Public Sector Media Group