Firefox 3 Breaks Records, Then Itself

Illustration: Harry Campbell
Mozilla's Firefox 3, upon its recent release, set a new record for browser downloads in a single day: more than 8 million copies in just 24 hours. So it's no surprise that these days hackers are spending more time hunting for Firefox holes.

Mozilla issued updates to patch two security holes in both Firefox 2 and 3. The first fix blocks a malicious attack program from crashing Firefox by sending more pipe (the vertical line, or "|") characters than the browser can handle. The second vulnerability involves a similar overflow attack risk.

Neither bug has spawned real, in-the-wild attacks as yet; but with both unfixed, visiting a poisoned Web page could leave your PC infested with malware. Make sure you have the latest browser version by clicking Help, Check for Updates (versions 2.0.0.16 and 3.0.1 contain these fixes).

Opera Reprise

Firefox isn't the only browser in patching mode this month: Opera 9.51 corrects a security glitch rated "moderately severe" in the just-released 9.5 version. Opera has declined to disclose any details about the flaw, so as not to tip off hackers; thankfully, the patch predates real attacks.

Version 9.51 also fixes several stability issues and a bug that could let a bad guy read random portions of your PC's memory, possibly exposing sensitive information. Use Opera's Help, Check for Updates command to determine whether you need an update. To get it, you'll have to download and install the latest full version manually.

Unlike the Firefox and Opera bugs, a Microsoft Word hole is under attack right now. At press time, Microsoft was investigating reports of zero-day attacks against Word 2002 SP3 users (no other supported version of Word is affected).

As with many Office bugs, you'd have to open a poisoned Word document sent via e-mail or offered as a download to be hit. For more on the bug, check Microsoft's advisory.

Another Zero-Day Threat

Microsoft is probing a different zero-day assault that takes advantage of a hole in the ActiveX control for the Snapshot Viewer for Microsoft Access. The company says that it has seen limited, targeted attacks that trigger the flaw through Internet Explorer. Viewing a malicious Web page could leave your system completely compromised, and you're at risk if you have Access 2000, 2002, or 2003 installed, or if you downloaded the Snapshot Viewer for Microsoft Access on its own to read Access reports in IE.

As with all zero-day vulnerabilities, no patch is yet available. Microsoft suggests a few largely unpalatable workarounds, which include disabling Active Scripting in IE, prompting before running Active Scripting, or editing the Windows Registry to disable just that particular ActiveX control (see the advisory for instructions). Be careful with the Registry workaround, as making a mistake in editing the Registry can hamper or even break Windows.
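The Registry workaround the article refers to is Internet Explorer's per-control "kill bit": a flag under the ActiveX Compatibility key that stops IE from instantiating a control with a given CLSID. The PowerShell below is an added example, not part of the PC World article or Microsoft's advisory; the CLSID in it is a placeholder, since the real one for the Snapshot Viewer control appears only in the advisory, not on this page. It checks whether the kill bit is already set and only applies it if you uncomment the final call, so a typo cannot touch any other key.

```powershell
# Added example (not from the article or the advisory): inspect and optionally set
# the Internet Explorer "kill bit" for one ActiveX control.
# The CLSID below is a PLACEHOLDER; take the real value from Microsoft's advisory.
$Clsid = '{00000000-0000-0000-0000-000000000000}'   # placeholder CLSID (assumption)
$KillBitFlag = 0x400                                  # documented kill-bit value of "Compatibility Flags"
$KeyPath = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"

function Get-ActiveXKillBit {
    # Returns $true only if the kill bit is present in the control's Compatibility Flags
    param([string]$Path)
    if (-not (Test-Path $Path)) { return $false }
    $flags = (Get-ItemProperty -Path $Path -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
    if ($null -eq $flags) { return $false }
    return (($flags -band $KillBitFlag) -eq $KillBitFlag)
}

function Set-ActiveXKillBit {
    # Creates the control's key if absent and ORs the kill bit into any existing flags,
    # so other compatibility bits already set for the control are preserved
    param([string]$Path)
    if (-not (Test-Path $Path)) { New-Item -Path $Path -Force | Out-Null }
    $existing = (Get-ItemProperty -Path $Path -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
    if ($null -eq $existing) { $existing = 0 }
    New-ItemProperty -Path $Path -Name 'Compatibility Flags' -PropertyType DWord `
        -Value ($existing -bor $KillBitFlag) -Force | Out-Null
}

if (Get-ActiveXKillBit -Path $KeyPath) {
    Write-Output "Kill bit already set for $Clsid"
} else {
    Write-Output "Kill bit NOT set for $Clsid"
    # Uncomment to apply from an elevated prompt, after exporting the key with reg.exe as a backup:
    # Set-ActiveXKillBit -Path $KeyPath
}
```

Run the script as-is first to see the current state; it only reads. On 64-bit Windows the 32-bit IE reads the same path under `HKLM:\SOFTWARE\Wow6432Node\...`, so check both locations there. Removing the kill bit later (once a patch ships) means clearing the 0x400 bit or deleting the key, which is why the example never overwrites flags it did not set.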

Found a hardware or software bug? Send us an e-mail on it to bugs@pcworld.com.
