Quantcast

Blogs

    Bugs and Fixes

  • Contributing Editor Stuart J. Johnston advises you on how to fix the latest problems affecting your operating system, your browser, your other software, and your hardware.
  • Subscribe to this blog

New Attack Gets at Firefox Through IE

Stuart J.Johnston

Bugs and Fixes graphic

Illustration: Harry Campbell
Beware, dual browser users: In a rare twist, a Mozilla Firefox browser bug could give an attacker control of your PC if you happen to click a booby-trapped link in Microsoft's Internet Explorer.

If you browse with IE but don't have Firefox installed, you're fine. If you browse with Firefox, you're hunky-dory. But if you have both and click a poisoned link in IE, Microsoft's browser will start Firefox, which will run the attack command contained in the passed-along URL.

Though each group said that the other was at fault, Mozilla released a fix in its version 2.0.0.5 update, sent via Firefox's automatic update feature. If you're an IE user and haven't started Firefox in a while, fire up the alternate browser and select HelpCheck for Updates. Check out the Firefox patch, which also squashes a few other security bugs.

Holey iPhone

A problem in the iPhone's Safari browser introduces a hole that an attacker might exploit via a drive-by download from a malicious Web page to take over the phone. Researchers at Independent Security Evaluators discovered the flaw, which affects Mac and Windows versions of Safari, too. To make sure you have the mobile fix, connect your iPhone to your PC, select your phone in iTunes, and click Update. For details and links, see Mac and Windows patches.

  • Recommend this story?
  • 0 Yes
    0 No

"New Attack Gets at Firefox Through IE" Comments

Print 50% more pages than with refilled inks. Trust Original HP Inks. Hit Print Reliably.

Featured APC Accessories For Your System
10% Off Entire Cart at Online Store

  • APC Back-UPS ES Safeguards your equipment from damaging surges and spikes that travel along your utility & data lines.
  • APC SurgeArrest Performance Highest level of protection for your professional computers, electronics and connected devices, as well as provides surge protection.

Focus on Personal Productivitysponsored by Microsoft

  • Personal Finance 2.0 These free and fee-based Web services not only aggregate data from your online bank accounts, they give you tools for managing your money.
  • High-Tech Travel Tips Plenty of stories provide advice for elite mobile professionals. But what about you, the unproductive traveler?

People who read this also read:

Bugs and Fixes

All PC World Blogs

Today's Special Offers