[DLSLUG-Discuss] FW: US-CERT Technical Cyber Security Alert TA06-208A -- Mozilla Products Contain Multiple Vulnerabilities
Ted Roche
e-mail addresses are not shown in archives
Sat Jul 29 09:12:33 EDT 2006
On Jul 28, 2006, at 7:22 PM, Roger wrote:
> okay, okay... fine... Firefox is flaky at running JavaScript and Java.
Everybody is.
> Are there fixes available for these problems?
Yes. On some platforms, FireFox will offer to auto-update. Happened
on my Mac yesterday. Ubuntu is offering an updated T-bird this
morning. You'll need to check with the maintainers of your distribution.
> III. Solution
>
> Upgrade
>
> Upgrade to Mozilla Firefox 1.5.0.5, Mozilla Thunderbird 1.5.0.5, or
> SeaMonkey 1.0.3.
>
> Disable JavaScript and Java
>
> These vulnerabilities can be mitigated by disabling JavaScript and
> Java in all affected products. Instructions for disabling Java in
> Firefox can be found in the "Securing Your Web Browser" document.
>
I recommend NoScript plug-in for FireFox. I only enable js when -I-
want it to run.
Ted Roche
Ted Roche & Associates, LLC
http://www.tedroche.com
More information about the DLSLUG-Discuss
mailing list