Author Topic: "Holey Browsers"  (Read 5652 times)

0 Members and 1 Guest are viewing this topic.

Offline TedNelly

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1538
  • Trust No-One!
"Holey Browsers"
« on: June 02, 2005, 08:40:37 AM »
Firefox or Mozilla or any bloody browser for that matter

Programmers have discovered at least 28 holes in Firefox since January 1.

The Mozilla browser shared 27 of those problems with Firefox.

 Use Secunia's tool to see whether your browser is vulnerable:

Secunia's Tool

I thought that this would interest the members of this forum as I know that a lot of the members

use FF as I do
« Last Edit: June 03, 2005, 08:16:47 AM by P3t3rb0nn »
Windows 10 Pro | Intel I7 CPU | 16 Gig 2133 RAM | Avast beta 17.5.2295 | Firefox 54 b9(64-bit) | Cyberfox 52.1 | T-Bird 52.1.1 | SpyWareBlaster 5.5 | MalwareBytes 3.0.0.865 | WinPatrol 35.5.2 | GlassWire 1.2.100 | Cybereason Ransomfree 2.2.7 |  Pulla-dePlug Final!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86803
  • No support PMs thanks
Re: "Holey Browsers"
« Reply #1 on: June 02, 2005, 02:31:24 PM »
Peter if your going to post stuff like this which is misleading, as there aren't 28 unpatched holes. Yes 28 holes (as you say) have been discovered by programmers since January 1st (an eternity in computer terms), what you fail to mention is how many have been fixed.

This is a more accurate state, 17 Secunia Advisories, only 4 unpatched and of those they are classed as Less Critical. http://secunia.com/product/4227/
Quote
Mozilla Firefox 1.x with all vendor patches installed and all vendor workarounds applied, is currently affected by one or more Secunia advisories rated Less critical

This is based on the most severe Secunia advisory, which is marked as "Unpatched" in the Secunia database. Go to Unpatched/Patched list below for details.

Currently, 4 out of 17 Secunia advisories, is marked as "Unpatched" in the Secunia database.

What surprises me more is having brought this to every firefox users attention, according to your signature you are still using firefox 1.0.3, not 1.0.4 the latest release patches a number of these security advisory vulnerabilities.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.5.6015 (build 22.5.7263.730) UI 1.0.711/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33667
  • malware fighter
Re: "Holey Browsers"
« Reply #2 on: June 02, 2005, 08:05:58 PM »
Yes DavidR,

Some of these critical flaws have been fixed in FF. If IE were so quick as to fix theirs, there would not have been FF. A lot of FF's vulnerabilities still only work through an unpatched IE browser on the system. What was wrong with IE is building a browser as a conclusive part of your OS, very very unsafe policy. Active X was another of these examples, where the whole comp is open to attackers. FF has their holes as well, even in the last version. They work on that. But I know all over the net anti-spyware, and adware experts advice FF, and not only because of their big blue Mozilla eyes,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

MFB

  • Guest
Re: "Holey Browsers"
« Reply #3 on: June 03, 2005, 02:22:28 AM »
DavidR is correct, Firefox 1.0.4 has alot of security patches that fixes some of Firefox's security problems. 

Offline TedNelly

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1538
  • Trust No-One!
Re: "Holey Browsers"
« Reply #4 on: June 03, 2005, 08:06:42 AM »
Firefox or Mozilla

I thought that this would interest the members of this forum as I know that a lot of the members

use FF as I do

DavidR I fail to see how this could possibly be seen as misleading as there is a link to the actual

web site man judge for yourself  that was my meaning behind the post in the first place. It odviously

Interseted you ;D

Quote
This is a more accurate state, 17 Secunia Advisories, only 4 unpatched and of those they are classed as Less Critical

You knew this fact prior to visiting this site http://secunia.com/product/4227/ which I see is a link to the

posting I made.

Thank you for pointing out that my signature was incorrect. I know how people can be confused by version

numbers I will update Thunderbird to 1.0.4 as soon as it is available also  ;)
« Last Edit: June 03, 2005, 08:14:22 AM by P3t3rb0nn »
Windows 10 Pro | Intel I7 CPU | 16 Gig 2133 RAM | Avast beta 17.5.2295 | Firefox 54 b9(64-bit) | Cyberfox 52.1 | T-Bird 52.1.1 | SpyWareBlaster 5.5 | MalwareBytes 3.0.0.865 | WinPatrol 35.5.2 | GlassWire 1.2.100 | Cybereason Ransomfree 2.2.7 |  Pulla-dePlug Final!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86803
  • No support PMs thanks
Re: "Holey Browsers"
« Reply #5 on: June 03, 2005, 11:08:53 AM »
It is misleading because it only tells part of the story (and an old one at that), nothing is mentioned even briefly that many are patched.

So only those interested enough are going to check, the rest are left with a misleading impression that firefox is full of holes (your words). Not to mention the page you sent them to does a security check so they would have to look even further.

Your link doesn't go to the mozilla firefox security advisory page but to a page to run a security checking tool.

My reason for posting was in the Internet age of Instant Gratification and Headlines many would simply read the post and go no further. So I put the other side to the story and gave a link to the firefox security advisory page.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.5.6015 (build 22.5.7263.730) UI 1.0.711/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: "Holey Browsers"
« Reply #6 on: June 03, 2005, 11:10:44 AM »
Holey Browsers? More like Holy Browser!

     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline TedNelly

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1538
  • Trust No-One!
Re: "Holey Browsers"
« Reply #7 on: June 03, 2005, 11:49:51 AM »


lol "thou shall not"

Thanks for the constructive criticism DavidR I hope you enjoyed the articles as you apparently  visited

the site and managed your way around ok . Which was the  whole idea behind the post

Windows 10 Pro | Intel I7 CPU | 16 Gig 2133 RAM | Avast beta 17.5.2295 | Firefox 54 b9(64-bit) | Cyberfox 52.1 | T-Bird 52.1.1 | SpyWareBlaster 5.5 | MalwareBytes 3.0.0.865 | WinPatrol 35.5.2 | GlassWire 1.2.100 | Cybereason Ransomfree 2.2.7 |  Pulla-dePlug Final!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33667
  • malware fighter
Re: "Holey Browsers"
« Reply #8 on: June 03, 2005, 01:44:23 PM »
Hi P3t3rb0nn,

Really that humor is the salt of life, I would say- what a great cartoon. laugh your head off, and use a safer browser, like FF, Opera etc. If your configuration is lousy, or your programs unpatched, even this or other Holey Browser can not save your three letter behind.

Greetings,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!