Firefox 0.9.2, Thunderbird 0.7.2, Mozilla 1.7.1 Coming Soon
Thursday July 8th, 2004
Branches have been created for three of mozilla.org's latest releases, in order to fix an external Windows protocol handler bug. The fix involves disabling the
More information about the exploit can be found in this post on the FullDisclosure mailing list.
Update: The XPI to disable the pref is now available.
Another Update: mozilla.org has published a document on the issue.
Yet Another Update: There is an eWeek article about the exploit as well as a discussion at Slashdot. The now public bug report that covers the
Yet Another Update: If you are not using Windows, you are not at risk from this bug. If you are using Windows, go to www.mccanless.us/mozilla/mozilla_bugs.htm to see if you are vulnerable.
#51 Windows 98 users are not affected?
Saturday July 31st, 2004 8:36 PM
You are replying to this message
Hi again, Just found this statement on a webpage at <http://www.windowsbbs.com/showthread.php?t=32807>:
Windows 98 users are not affected by the vulnerability.
So all that concern (about how to install the patch to close the security hole) was apparently for nothing!?
It would be useful if developers and security experts would remember that some of us 'Dinosaurs' out here still use OLDER programs--and at least mention those systems which are not in jeopardy when they publish these alarming vulnerability reports.