Firefox Update – Quicktime Pwns Firefox

firefoxA serious vulnerability in Mozilla Firefox has been addressed in release which is now posted to the Firefox web site. The exploit involved an issue in Apple QuickTime that could reportedly lead to a full compromise of the browser and possibly the underlying operating system.

The vulnerability reported by Petko D. Petkov at , who also reported on two other QuickTime vulnerabilities last year.

Workaround: Disabling JavaScript in the browser does not protect against this attack; in vulnerable versions scripts passed through the -chrome option would be executed regardless of the JavaScript setting for web content, much as interpreters for languages such as Perl and Python execute scripts passed on the command line. The NoScript add-on, however, has provided protection against this class of attack since the cross-browser vulnerabilities described by MFSA 2007-23 were discovered. ~ Mozilla Foundation Security Advisory 2007-28


Firefox is now available for Windows, Mac, and Linux for free download from



Leave a comment

Filed under Internet Browser, Mozilla Firefox

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s