Web browser security

Mozilla Patches Cross-Site Scripting Flaws in Firefox

Mozilla is delivering security updates fast and furious this month, the latest coming late last week when a new version of Firefox repaired three vulnerabilities related to the Location object. The Location object is supported by all major browsers and contains information about the URL being requested.The vulnerabilities were closed in Firefox 16.0.2, Firefox ESR 10.0.10, Thunderbird 16.0.2, Thunderbird ESR 10.0.10 and SeaMonkey 2.13.2.

Security researcher and Google employee Michal Zalewski is warning of a potentially serious security hole that affects the three major Web browsers, Internet Explorer, Firefox and Google’s Chrome browser and that could make it easy for attackers to push malicious downloads from domains other than that being visited by unsuspecting Web users.

There is a critical vulnerability in the Opera browser that could be used by an attacker to execute arbitrary code on vulnerable machines. The bug affects the latest version of Opera running on Windows 7, as well as Windows XP SP3.

Sometimes news events just come together in a way that opens a window
– even if its a kind of cloudy window – onto the future. So it was this
week, as stories about a coming generation of wired automobiles
collided with some thought-provoking reports on the vulnerability of
said cars to traditional kinds of wireless attacks.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.