web analytics

Security

Security is biggest constrain while developing software or creating environment. Currently, I just came to notice about one of my favorite browser has security hole. Its shocking news for me. I love Mozilla firefox and having security leak on browser is much concern for me.

I don’t like IE specially older versions much because of ActiveX control. On developer perspective its good but I hate to give control of my system to anyone which makes it venerable and Remote Code Execution happens.

Following are Firefox Security Related information which I got from their website:
============================================

Title: Re-use of freed object due to scope confusion
Impact: Critical
Announced: April 1, 2010
Reporter: Nils (MWR InfoSecurity)
Products: Firefox

Fixed in: Firefox 3.6.3
DESCRIPTION

A memory corruption flaw leading to code execution was reported by security researcher Nils of MWR InfoSecurity during the 2010 Pwn2Own contest sponsored by TippingPoint’s Zero Day Initiative. By moving DOM nodes between documents Nils found a case where the moved node incorrectly retained its old scope. If garbage collection could be triggered at the right time then Firefox would later use this freed object.

==================================

Please update you Firefox now and make your self safe. You can download latest version at following URL:

http://www.mozilla.com/products/download.html?product=firefox-3.6.3&os=win&lang=en-US

Author: Gaurav Maniar – MCITP – Windows Server Specialist
Window Hosting Security, Exchange Messaging System, Server Security Audit, Domain (ADS) Infrastructure