Mozilla has patched the flaw in Firefox 3.5, which was revealed publicly on July 13. This brings us to version 3.5.1. It is a critical bug that could allow an attacker to run his own malicious code on your PC, and install malware and other nasty stuff. Exploit code for the vulnerability went public a few days ago, but by then was already working on a fix.

You should update to 3.5.1 now. It is available for Windows, Macs and Linux. As advertised, it does in fact seem to be significantly faster than the old version, 3.0.

We are still waiting for a patch for that problem ActiveX control, however. This flaw was revealed the same day as the above Firefox bug, but no word yet from Microsoft as to when the vulnerability will be repaired. This particular is used to display spreadsheets in Internet Explorer, and publish them online.

Exploit code for this bug has been seen by several security companies. Microsoft has a tool on its support site that will disable the control for you, by modifying the Windows Registry. Do not try to do this manually, unless you are an experienced, advanced user.

Share and Enjoy:
  • Digg
  • del.icio.us
  • Facebook
  • NewsVine
  • Reddit
  • StumbleUpon
  • YahooMyWeb
  • Google Bookmarks
  • Yahoo! Buzz
  • TwitThis
  • Live
  • LinkedIn
  • Pownce
  • MySpace