This is the first time I’ve heard of a security flaw that’s caused or involves two browsers. Most of the time, known security flaws are found in Internet Explorer and sometimes in Firefox. But this time it involves both browsers.
At first, security researchers laid the blame for the latest zero-day exploit on Microsoft’s Internet Explorer. Later on, they found out that the problem was with Firefox 2.0+ and that it was also vulnerable.
From CNet’s News Blog:
Users could face a “highly critical” risk if they have both IE and Firefox version 2.0, or later, loaded on their computer. The trouble begins when browsing a malicious site while using IE and it registers a “firefoxurl://” URI (uniform resource identifier) handler, which allows the browser to interact with specific resources on the Web. As a result, users may find their systems remotely compromised.
Researchers say it’s a little bit of both. But from what I understand, even if you have both browsers installed on your computer but only use Firefox for browsing, then you won’t be at risk. If you’re running both browsers on your computer, make sure to check for security updates and install them right away.
One advantage of using Ubuntu/Linux or a Mac is that you don’t get to worry about these kinds of issues. I’m glad I joined the Linux bandwagon and installed Ubuntu on my machine. Even if you’re still using Windows, you can avoid this if you stop using IE and rather use Firefox, Flock or Opera.
Read the full story: Firefox and IE together brew up security trouble
bunch of crap I hear all the time. I use firefox and IE6 together everyday without antivirus running and not behind a router. I see all the crazies with thier sniffing and maybe a few zombied systems on my own network. I use a low rated firewall with custom rules, group policy(custom), and only necessary services. I update my pc once every 4 months maybe and I check for a new version of firefox every month or two. I use hotmail and I am signed up at many sites. I have been like this for years with no trouble for at least 4 years.
I actively pursue these so called exploits and test my system against them. Maybe you all should learn how to use your computers before you go online. Hardening from inside will protect your pc and your info if you take the effort to learn. (Bunch of puppets)
@jun – Good question. As long as you use IE only for testing purposes and not for browsing, then it’s okay. Your computer becomes vulnerable when you browse a malicious site using IE.
what if you use the IE tab in Firefox? For testing of your site…
@trench – Hehe..you’ll be fine. I know you only use Firefox for browsing right? ;)
You had me sweating for a minute. I use firefox exclusively although I do have IE installed on my computer.
@dimaks – Yup, same here. Never looked back after I first installed Firebird. :D
ahh, its been a wise decision for being a fox user for so many years now :)
@jhay – Hehe..Windows users might think we’re arrogant. LOL But they don’t know what they’re missing. Right? :D
Weird indeed, but then again I’m on Ubuntu so ho-hum. :lol:
im glad im using mac at home :mrgreen:
@Ade – I know. It needs both browsers to be installed and used for the exploit to work. The point here is, you can avoid all of this if you don’t use IE! :D
Weirdest exploit ever.
@koolbirks – Good for you! Hehe