Most Popular
| Top Stories | Latest | Featured |
Weekend open forum: Windows 7 target to boot in under 15 seconds
Asus releases F6V laptops with scent
Intel prepares to discontinue multiple Core 2 processors
Joost prepares to launch web-based player
LG details upcoming Blu-ray / Netflix player
AMD prepares two new low-cost low-power CPUs
Newsletter
| Newsletter | TechSpot Poll |
You can also subscribe to our daily feeds using:
IT
Mozilla prepares fix for Firefox's flat add-on vulnerability
A Firefox security flaw originally judged to be of low severity has been upgraded to high, but Firefox 2.0.0.12 “which will be available shortly,” according to the Mozilla Security Blog, will include a fix for the problem.
The vulnerability, known formally as the “chrome protocol directory transversal,” concerns the so-called ‘flat’ add-ons that store their components in multiple files instead of using a single .jar file. A flaw in the way the program handles the chrome protocol could allow an attacker to retrieve data from a compromised system.
The vulnerability is not within the browser, according to Mozilla’s chief of security Window Snyder, but in how the extensions are written. You can check out a list of affected extensions at Mozilla’s website while you wait for the next Firefox update.
Related Stories
