Firefox + IE = Security Flaw?



FIrefox and Internet Explorer

This is the first time I’ve heard of a security flaw that’s caused or involves two browsers. Most of the time, known security flaws are found in Internet Explorer and sometimes in Firefox. But this time it involves both browsers.

At first, security researchers laid the blame for the latest zero-day exploit on Microsoft’s Internet Explorer. Later on, they found out that the problem was with Firefox 2.0+ and that it was also vulnerable.

From CNet’s News Blog:

Users could face a “highly critical” risk if they have both IE and Firefox version 2.0, or later, loaded on their computer. The trouble begins when browsing a malicious site while using IE and it registers a “firefoxurl://” URI (uniform resource identifier) handler, which allows the browser to interact with specific resources on the Web. As a result, users may find their systems remotely compromised.

Researchers say it’s a little bit of both. But from what I understand, even if you have both browsers installed on your computer but only use Firefox for browsing, then you won’t be at risk. If you’re running both browsers on your computer, make sure to check for security updates and install them right away.

One advantage of using Ubuntu/Linux or a Mac is that you don’t get to worry about these kinds of issues. I’m glad I joined the Linux bandwagon and installed Ubuntu on my machine. Even if you’re still using Windows, you can avoid this if you stop using IE and rather use Firefox, Flock or Opera.

Read the full story: Firefox and IE together brew up security trouble

Owner and editor of JaypeeOnline. Self-proclaimed geek. New media writer and consultant. WordPress advocate. Loves blogging, gadgets, video games and sports. You can follow him on Google+, Facebook or Twitter.

13 Comments

  1. Alec

    February 3, 2008 at 3:58 AM

    bunch of crap I hear all the time. I use firefox and IE6 together everyday without antivirus running and not behind a router. I see all the crazies with thier sniffing and maybe a few zombied systems on my own network. I use a low rated firewall with custom rules, group policy(custom), and only necessary services. I update my pc once every 4 months maybe and I check for a new version of firefox every month or two. I use hotmail and I am signed up at many sites. I have been like this for years with no trouble for at least 4 years.
    I actively pursue these so called exploits and test my system against them. Maybe you all should learn how to use your computers before you go online. Hardening from inside will protect your pc and your info if you take the effort to learn. (Bunch of puppets)

  2. JP Habaradas

    July 12, 2007 at 10:12 PM

    @jun – Good question. As long as you use IE only for testing purposes and not for browsing, then it’s okay. Your computer becomes vulnerable when you browse a malicious site using IE.

  3. jun

    July 12, 2007 at 9:50 PM

    what if you use the IE tab in Firefox? For testing of your site…

  4. JP Habaradas

    July 12, 2007 at 9:00 PM

    @trench – Hehe..you’ll be fine. I know you only use Firefox for browsing right? ;)

  5. trench

    July 12, 2007 at 8:50 PM

    You had me sweating for a minute. I use firefox exclusively although I do have IE installed on my computer.

  6. JP Habaradas

    July 12, 2007 at 6:36 PM

    @dimaks – Yup, same here. Never looked back after I first installed Firebird. :D

  7. dimaks

    July 12, 2007 at 5:26 PM

    ahh, its been a wise decision for being a fox user for so many years now :)

  8. JP Habaradas

    July 12, 2007 at 7:30 AM

    @jhay – Hehe..Windows users might think we’re arrogant. LOL But they don’t know what they’re missing. Right? :D

  9. jhay

    July 12, 2007 at 7:09 AM

    Weird indeed, but then again I’m on Ubuntu so ho-hum. :lol:

  10. koolbirks

    July 12, 2007 at 12:11 AM

    im glad im using mac at home :mrgreen:

  11. JP Habaradas

    July 12, 2007 at 1:30 AM

    @Ade – I know. It needs both browsers to be installed and used for the exploit to work. The point here is, you can avoid all of this if you don’t use IE! :D

  12. Ade

    July 12, 2007 at 1:17 AM

    Weirdest exploit ever.

  13. JP Habaradas

    July 12, 2007 at 12:30 AM

    @koolbirks – Good for you! Hehe

Leave a Reply

Your email address will not be published. Required fields are marked *