mozilla has an exploited vulnerability.
but at least theres a fix for it.
ive recently wondered if the reason there are so many exploits to the internet explorer browser was because it is so popular and wide-spread.
with mozilla on the rise, will we see more vulnerabilities be exploited?
[via]
I'm a photographer based out of Anchorage, Alaska. I've recently become a wife, a stepmother, and a homeowner. Life is pretty awesome. You can email me anytime. Learn more...
Also: catching up on Game of Thrones. #adultweek 1 hour ago
Just dropped the boy off for JROTC orientation camp. AKA I'm eating every home meal #nopants for the next week. 1 hour ago
Ah well. I'm still going to bed. Shit can get done another day. 10 hours ago
Get Shit Done time interrupted by a very important Minecraft Show and Tell. 10 hours ago
Okay one half hour of the Get Shit Done hat and then I'm going to bed. 10 hours ago
1 Comments
We will surely see more vulnerabilities discovered in Mozilla as its popularity rises -- the same could be said for any software, anywhere. But Mozilla will never be as open to attack as IE for the simple reason that it does not implement ActiveX, the chief source of IE security problems.
Microsoft designed ActiveX specifically to allow websites to run executable content in your browser. This would be fine if not for their abysmal neglect of proper security restrictions -- note that Java applets also run executable content in the browser, but you never hear about Java applet worms and virii, because the JVM has a proper security model.
ActiveX is a huge mess that Microsoft *will not fix* for fear of breaking existing sites that depend on it (including Windows Update). They release one patch after another, but the fundamental security weaknesses will remain until they get the balls to force everyone to upgrade to a safer browser (which, ironically, is happening anyway -- it's just not a Microsoft browser).
Also, notice how quickly the bugfix was released after the initial reports. Microsoft has left known security holes unpatched for weeks, sometimes months.
Conclusion: we don't need to worry that Mozilla/Firefox will ever become the security nightmare that IE is.