Mozilla is partly vulnerable to the latest web browser security hole, as reported by Mozillazine.
Patch already exists. Should hopefully be in soon. I have a good feeling Mozilla will beat Microsoft to the fix. IIRC Microsoft is taking the month off from patches, while it figures out the whole update system.
1 reply on “Mozilla Vulnerable”
“… have a good fe[a]ling Mozilla will beat Microsoft to the fix. ”
However, for fair information, Opera and Amaya browsers have allready beaten Moz and IE, by not having this URL spoofing problem. Opera even shows a POP-up warning window.
It would be nice if this problem would lead to syntax-highlighting in the address bar (Bugzilla bug 184074),
along the line as suggested by TimHunt:
“… just a subtle indication of which part is the server name, which part is the path, and which part is the query-string …”
“… use a really bright colour for the username/password bit, and suddenly phishing wouldn’t work any more.”