The Fox is learning what it's like to be IE
We have it on good authority that about 83 percent of you are currently viewing GCN.com through Microsoft Internet Explorer. This blog entry isn't necessarily for you.
(Only about 1 percent of you still use Netscape Navigator. Who? During a phone conversation the other day, HUD CIO Lisa Schlosser was trying to launch a URL from an e-mail message and it brought up Netscape. When a GCN editor voiced surprise, she said HUD still had a few legacy applications that required Netscape, but that they'd convert those stragglers soon. By the way, Lisa just gave an excellent presentation on service-oriented architecture at GCN.com--you can register for a replay
But back to the point. You may have already seen it, but US-CERT this week saw fit to issue a browser/e-mail vulnerability alert
--and its for the Mozilla family of open-source products, including the Firefox browser.
Firefox is still thought to be more secure than Internet Explorer, but experts are saying this is the first time in memory that the Mozilla suite, which also includes the Thunderbird e-mail client, has been riddled with multiple vulnerabilites. In this case, according to US-CERT, the flaws could allow an attacker "to take control of your computer."
Securty firm Secunia
called some of the flaws "highly critical." In its alert Secunia says, "Multiple vulnerabilities have been reported in Firefox, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks, bypass certain security restrictions, disclose sensitive information, and potentially compromise a user's system."
To Mozilla's great credit, the open-source group already released fixed versions of the affected software, including Firefox
(look for version 22.214.171.124). What's clear about the browser-security wars is that the question going forward will not be which browser has the fewest flaws, but which developer can address the flaws fastest.Posted by Brad Grimes
Posted by Brad Grimes, Joab Jackson on Apr 20, 2006 at 9:39 AM