GCN Tech Blog

By GCN Staff

Blog archive

The Fox is learning what it's like to be IE

We have it on good authority that about 83 percent of you are currently viewing GCN.com through Microsoft Internet Explorer. This blog entry isn't necessarily for you.

(Only about 1 percent of you still use Netscape Navigator. Who? During a phone conversation the other day, HUD CIO Lisa Schlosser was trying to launch a URL from an e-mail message and it brought up Netscape. When a GCN editor voiced surprise, she said HUD still had a few legacy applications that required Netscape, but that they'd convert those stragglers soon. By the way, Lisa just gave an excellent presentation on service-oriented architecture at GCN.com--you can register for a replay.)

But back to the point. You may have already seen it, but US-CERT this week saw fit to issue a browser/e-mail vulnerability alert--and its for the Mozilla family of open-source products, including the Firefox browser.

Firefox is still thought to be more secure than Internet Explorer, but experts are saying this is the first time in memory that the Mozilla suite, which also includes the Thunderbird e-mail client, has been riddled with multiple vulnerabilites. In this case, according to US-CERT, the flaws could allow an attacker "to take control of your computer."

Securty firm Secunia called some of the flaws "highly critical." In its alert Secunia says, "Multiple vulnerabilities have been reported in Firefox, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks, bypass certain security restrictions, disclose sensitive information, and potentially compromise a user's system."

To Mozilla's great credit, the open-source group already released fixed versions of the affected software, including Firefox (look for version What's clear about the browser-security wars is that the question going forward will not be which browser has the fewest flaws, but which developer can address the flaws fastest.

Posted by Brad Grimes

Posted by Brad Grimes, Joab Jackson on Apr 20, 2006 at 9:39 AM


  • Defense
    The U.S. Army Corps of Engineers and the National Geospatial-Intelligence Agency (NGA) reveal concept renderings for the Next NGA West (N2W) campus from the design-build team McCarthy HITT winning proposal. The entirety of the campus is anticipated to be operational in 2025.

    How NGA is tackling interoperability challenges

    Mark Munsell, the National Geospatial-Intelligence Agency’s CTO, talks about talent shortages and how the agency is working to get more unclassified data.

  • Veterans Affairs
    Veterans Affairs CIO Jim Gfrerer speaks at an Oct. 10 FCW event (Photo credit: Troy K. Schneider)

    VA's pivot to agile

    With 10 months on the job, Veterans Affairs CIO Jim Gfrerer is pushing his organization toward a culture of constant delivery.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.