Mozilla Browsers OnFire
"Some of Mozilla's web browsers contain multiple vulnerabilities
of "Firescrolling", "Fireflashing", "Firetabbing" and "Firedragging".
These vulnerabilities allow web sites to steal information from the user sessions and
cookies to execute arbitrary code, install malicious XUL plugins and change
configuration of Firefox."
Vulnerable Systems:
* Mozilla Firefox version 1.0
* Mozilla Suite version 1.7.5
Immune Systems:
* Mozilla Firefox version 1.0.2
* Mozilla Suite version 1.7.6
UPDATE YOUR MOZILLA/FIREFOX BROWSER!
See this item at securiteam.com/securitynews for complete details.
Full Version: Mozilla Browsers OnFire
Koan: Thanks for the kick in the pants, I've been running 1.0 and ignoring the warnings. Some fools never learn, but I did just install 1.0.2. But if you have time, I'd like to know if I did it correctly (don't you just love those after-the-fact questions?) Also hoping this may help others.
I first tried to do an update using the update feature in 1.0 @ Tools>Options>Advanced, etc. but on three attempts, it just sat there "downloading and installing updates" without completion. I'm on cable and on the last try, it sat there running (not frozen) for 15 minutes without completion. So I gave up on that.
I then went to Mozillas forums looking for help, but it's an unfamilar swamp in there and I didn't have all day to noodle around, so I did this:
Went to Mozilla's site and downloaded 1.0.2 into a folder. I then removed 1.0 using add/de/ete in Control Panel. Finally, I installed 1.0.2 from it's folder and here I am. Did I do good?
PS: Also pleasantly surprised that all of my settings and bookmarks stayed in there, which I guess means that add/delete did not remove everything.
I first tried to do an update using the update feature in 1.0 @ Tools>Options>Advanced, etc. but on three attempts, it just sat there "downloading and installing updates" without completion. I'm on cable and on the last try, it sat there running (not frozen) for 15 minutes without completion. So I gave up on that.
I then went to Mozillas forums looking for help, but it's an unfamilar swamp in there and I didn't have all day to noodle around, so I did this:
Went to Mozilla's site and downloaded 1.0.2 into a folder. I then removed 1.0 using add/de/ete in Control Panel. Finally, I installed 1.0.2 from it's folder and here I am. Did I do good?
PS: Also pleasantly surprised that all of my settings and bookmarks stayed in there, which I guess means that add/delete did not remove everything.
QUOTE
I first tried to do an update using the update feature in 1.0 @ Tools>Options>Advanced, etc.
Updating 1.0 only does just that. Updating does not install the newer versions.
QUOTE
Went to Mozilla's site and downloaded 1.0.2 into a folder. I then removed 1.0 using add/de/ete in Control Panel. Finally, I installed 1.0.2 from it's folder and here I am. Did I do good?
I usually set up and install the newer version and then uninstall the older
version, keeping it in a archive file that I zip up. That way the new install copies
all the preference items from before and if needed, I still have the older
version to fall back on.
QUOTE
surprised that all of my settings and bookmarks stayed in there, which I guess means that add/delete did not remove everything.
It is my understanding that the FF preference files do remain after uninstalling a version.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.