Security update issued for Firefox browser

Stan Beer
Monday, 28 February 2005 18:30

IT Industry - Development

Experts at SophosLabs, Sophos's global network of virus and spam
analysis centres, have advised businesses and home users to update their
version of the Mozilla Firefox web browser, in order to protect against a
number of security vulnerabilities.

Firefox 1.0.1 addresses a number of security flaws involving download dialog
boxes and code injection. It has also changed the way it handles
International Domain Names (IDN). The IDN vulnerability can help phishers
fool users into believing they are visiting a legitimate banking website,
rather than a bogus site designed to steal confidential data.

"No web browser is perfect and anyone who uses the internet has to make sure
they stay up-to-date with the latest security patches. The increasing
popularity of Firefox will undoubtedly mean that it is targeted by hackers
trying to attack its users in future," said Graham Cluley, senior technology
consultant for Sophos. "With organised crime increasingly attempting to
steal from innocent users through viruses, phishing attacks and malicious
spyware, no-one can afford to relax when it comes to security."

More information about the new version of Firefox, which is available for
Windows, Mac OS X and Linux, can be found on Mozilla's website.

Firefox is said to have been downloaded by over 25 million people and has
stolen market share from the leading web browser, Microsoft's Internet
Explorer.