ie8 fix
madison

Hardware 2.0

Adrian Kingsley-Hughes
Home / News & Blogs / Hardware 2.0

UPDATE: German government to users: Stop using Firefox!

By | March 22, 2010, 5:43am PDT

Summary: The German government has issued a stern warning to web surfers telling them not to use Firefox because the browser contains a critical security vulnerability.

The German government has issued a stern warning to web surfers telling them not to use Firefox because the browser contains a critical security vulnerability.

BürgerCERT, part of the German Federal Office for Security in Information Technology, is advising users to stop using Firefox until Mozilla can push a patch out to users to fix the vulnerability that it contains which could be exploited by hackers to run malicious code on users’ computers.

Personally, I wonder how much this browser switching really helps people. In the long run, unless you put a method in place where you’re using multiple browsers on a regular basis, continually switching to avoid vulnerabilities leaves you in a constant state of flux and badly affects output.

Still, coming shortly after Microsoft rolled out its “Browser Ballot” mechanism across Europe encouraging people to switch to different browsers, including Firefox, this must be a little embarrassing for Mozilla.

If you’re a Firefox users and don’t want to stop using the browser, Mozilla have a release candidate build of Firefox 3.6.2 available that fixes this issue … just remember that it’s a release candidate and not a final release!

UPDATE: Version 3.6.2 has now been released.

(via Sophos)

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Hardware 2.0”

Topics

Mozilla Firefox, Web Browser, Mozilla Corp., Web Browsers, Internet, Adrian Kingsley-Hughes

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology.

Disclosure

Adrian Kingsley-Hughes

All opinions expressed on Hardware 2.0 are those of Adrian Kingsley-Hughes. Every effort is made to ensure that the information posted is accurate. If you have any comments, queries or corrections, please contact Adrian via the email link here. Any possible conflicts of interest will be posted below. [Updated: February 23, 2010] - Adrian Kingsley-Hughes has no business relationships, affiliations, investments, or other actual/potential conflicts of interest relating to the content posted so far on this blog.

Biography

Adrian Kingsley-Hughes

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.

Adrian has authored/co-authored technical books on a variety of topics, ranging from programming to building and maintaining PCs. His most recent books include "Build the Ultimate Custom PC", "Beginning Programming" and "The PC Doctor's Fix It Yourself Guide". He has also written training manuals that have been used by a number of Fortune 500 companies.

Adrian also runs a popular blog under the name The PC Doctor, where he covers a range of computer-related topics -- from security to repairing and upgrading.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?
Ask a Question Start a Discussion
129
Comments
Add Your Opinion

Join the conversation!

Just In

Readers to ZDNet: Stop representing old items as new!
TriangleDoor 6th Apr 2010
(n/t)
View in thread
0 Votes
+ -
Do they push warnings when IE has security flaws?
lass23 22nd Mar 2010
Microsoft propaganda as usual.
0 Votes
+ -
Enjoy the crow.
AllKnowingAllSeeing 22nd Mar 2010
http://news.bbc.co.uk/2/hi/technology/8463516.stm
0 Votes
+ -
Ironic, is it not?
Intellihence 22nd Mar 2010
I do recall the German government telling users to veer from Internet
Explorer, now they are telling users to veer away from Firefox. What's
next?
0 Votes
+ -
What's next? Good question.
AllKnowingAllSeeing 22nd Mar 2010
Maybe only use an "Offical, EU approved, Internet browser"?
0 Votes
+ -
Sure is a lot of protectionism going on in the EU
Intellihence 22nd Mar 2010
American companies should start doing the same, & the hell with the EU
0 Votes
+ -
My goodness...
Mitch 74 22nd Mar 2010
Right. Because that open source browser has only American developers. Get real.
0 Votes
+ -
I would never use Opera - NT
tripolitan 22nd Mar 2010
NT
0 Votes
+ -
Why not?
AzuMao 22nd Mar 2010
It's more secure and less proprietary than IE, and arguably more secure than Firefox.
0 Votes
+ -
Because...
fairportfan 22nd Mar 2010
...he is a moron.

The only time i ever use anything *other* than Opera is when some site designer suffering fecicranial inversion has made it impossible to do so.

(Yesterday i logged in to my DSL provider's website, and was - using Opera 10.50 - and was informed i needed a more modern browser, and presented with links to download IE and Netscape Navigator...)
0 Votes
+ -
Back to Gopher
dunn@... 22nd Mar 2010
Ahhh the ugly old days.
0 Votes
+ -
And PINE for e-mail
reziol 22nd Mar 2010
Very ugly days indeed.
0 Votes
+ -
Lynx (the browser) has never been compromised. EVER.
AzuMao 22nd Mar 2010
0 Votes
+ -
Lynx (the browser) has never been compromised?
kritifile 22nd Mar 2010
Has any text-only browser been compromised?
Also surely that's like saying that there are no Linux viruses. There are, but the user-base is too small for many to notice them and they are few.
Lynx users are a far smaller group than Linux users.
BTW I use Linux and Windows.
0 Votes
+ -
Everyone's going on about "don't use any browser at all then". Text is..
AzuMao 22nd Mar 2010
..better than nothing.

Doesn't anyone here remember how books used to actually be enjoyed?

Oh, and no, my post had nothing to do with Linux. There are tons of GUI browsers for Linux. It was about browsers.

I bet you can't even find one single virus in the wild for current versions of Linux.
0 Votes
+ -
errrm AzuMao....
Ceridan 23rd Mar 2010
Notepad was not compromised either...


PS: really, your gonna tell me that your using Lynx to read zdnet and respond right?
0 Votes
+ -
Just Checking to See if I Can Reply
CFWhitman 23rd Mar 2010
Just out of curiosity, I decided to see if I can reply through Lynx. If you can read this, then I was able to. happy
0 Votes
+ -
Notepad isn't a browser. And no. I'm saying there are more choices than;
AzuMao 23rd Mar 2010
1) Get hacked
2) Don't browse at all
0 Votes
+ -
Huh?
Hallowed are the Ori 22nd Mar 2010
Do they push warnings when IE has security flaws?
Microsoft propaganda as usual.
***************************************

Are you an idiot or something?

What does the German government issuing a warning about Firefox have to do with Microsoft?
0 Votes
+ -
here!
Linux Geek Updated - 22nd Mar 2010
What does the German government issuing a warning about Firefox have to do with Microsoft?
I've been telling you people for a while that M$ have infiltrated many governments with sleeper agents and moles.
Sometimes these agents failed and the German government warned aginst Internet Explorer but sometime they succeed like this shameless and unfounded attack against FireFox.
0 Votes
+ -
Ah. Thanks for clearing that up for me, LG. (nt)
Hallowed are the Ori 22nd Mar 2010
nt
  • Flagged
0 Votes
+ -
No.
Mitch 74 22nd Mar 2010
The German government warns users of widespread softwares that there is a known security risk with their version. Since Firefox has 35% market share in Germany, it is considered widespread - and a security exploit may impact a non-minor portion of the population.

Thus the warning.

IE got the same treatment - only, more often, while it's a first for Mozilla (they usually have a patch up before the German security team blinks, but not this time).
0 Votes
+ -
Geeze Jim - QUIT FEEDING the LINUX TROLL!
Wolfie2K3 22nd Mar 2010
Haven't you learned anything by now that anything LG says is suspect? Especially when his tin foil hat is on waaaay too tight and he's coming up with all these scenarios that are right out of an old Bond movie or some such. Microsoft has moles in the German government. Uh huh...
  • Flagged
0 Votes
+ -
You're right.
AzuMao 22nd Mar 2010
There's no way one of the biggest multinational corperations in the entire world could have any influence over any government.

Anyone who believes so is completely paranoid and possibly a terrorist, off to the internme- behavioral correction facility for him.
0 Votes
+ -
alert
LinuxFlamer 22nd Mar 2010
Come on, guys, Azuwhatever is an obvious plant, probably by Microsoft. No one is that obtuse. It's like how huffingtonpost trollers go to tea party rallies and shout racial slurs. Just ignore him and let the authorities deal with it.
  • Flagged
0 Votes
+ -
@Linuxwhatever; come on, I was being sarcastic, duh.
AzuMao 22nd Mar 2010
0 Votes
+ -
Well...
fairportfan 22nd Mar 2010
M$ could probably afford to buy (or at least take out a long-term lease on) the souls of most German politicians.
0 Votes
+ -
It's not like I actually believed him.
Hallowed are the Ori 23rd Mar 2010
I've been here long enough to know what LG is... and is not.
  • Flagged
0 Votes
+ -
LG is right!!!
ITOdeed 24th Mar 2010
Microsoft is also hiding Hitler.
0 Votes
+ -
Whaa???
Cyrorm 22nd Mar 2010
Apparently someone has his tinfoil hat on a little too tight...
0 Votes
+ -
Nahhh
rhonin 22nd Mar 2010
It's this new improved thinner aluminum foil being sold today.

He just added a few to many extra layers.

chuckle.
  • Flagged
0 Votes
+ -
Whaa???
raelalt 22nd Mar 2010
Apparently someone left his sense of humor at home today.
  • Flagged
0 Votes
+ -
Microsoft Agents??
Franciscus101 22nd Mar 2010
And the black helicopters are circling overhead your position.
  • Flagged
0 Votes
+ -
here!
ICUR12 22nd Mar 2010
here!
What does the German government issuing a warning about Firefox have to do with "Microsoft?
I've been telling you people for a while that M$ have infiltrated many governments with sleeper agents and moles.
Sometimes these agents failed and the German government warned aginst Internet Explorer but sometime the succeed like this shameless and unfounded attack against FireFox."

The black helicopters have been buzzing overhead all day now!!!
  • Flagged
0 Votes
+ -
You are right
DaveN_MVP 22nd Mar 2010
This is just more proof of Microsoft's evil quest for world domination. All of us had better start protecting ourselves today, before it's too late.

http://zapatopi.net/afdb/
  • Flagged
0 Votes
+ -
I think he also needs a pair of AFD
John Zern 22nd Mar 2010
(aluminum foil diapers) because he sounds way toO young to be here. happy
  • Flagged
0 Votes
+ -
That if they picked on Firefox when it was doing bad but not IE when it was
AzuMao 22nd Mar 2010
they would be biased and thus not credible.


Note that as posted above, however, this isn't the case.
0 Votes
+ -
Yes they Doo...
jokicmla@... Updated - 22nd Mar 2010
Microsoft Security Advisory Notification
Microsoft Security Bulletin Advance Notification
Microsoft Security Bulletin Summary
Microsoft Security Bulletin Major Revisions
Microsoft Security Bulletin Minor Revisions
0 Votes
+ -
Do you read ZDNet often?
No_Ax_to_Grind 22nd Mar 2010
If so, are you just stupid?
0 Votes
+ -
Apparently, NO...
fairportfan 22nd Mar 2010
And YES.
  • Flagged
0 Votes
+ -
Twice now the German BSI warned users away from Internet Explorer
slkgc 24th Mar 2010
In 2008 and in 2010 the German Government issued
a detailed warning for users of Microsoft
Internet Explorer (2008 Version 7, 2010 Version
6 and 7) to stop using those versions. They also
listed which browsers were safe to use.
0 Votes
+ -
Wasn't in not too long ago that the German government
AllKnowingAllSeeing 22nd Mar 2010
issued a warning to it's population to "stop using Internet Explorer?

In the end they'll probally have scared everyone off of competing browsers and straight to Opera. happy
0 Votes
+ -
Or to no browser!
Lerianis10 22nd Mar 2010
The idiots in Germany need to learn that ALL browsers are going to have vulnerabilities, and just tell the users how to MITIGATE the vulnerabilities.

By only going to trusted websites, by running something like Noscript, etc.
0 Votes
+ -
Re: no browser
bb_apptix 22nd Mar 2010
Don't use IE, it's not secure
Don't use FF, it's not secure

The only way to be 100% safe is not plug in that network cable. Ever.

For that matter, never log on and disable all non-fixed drive and peripheral access.
0 Votes
+ -
Complete anti-virus security
Scott Gates 22nd Mar 2010
Let's see just how far we CAN go: Never turn your computer on--Back to pencil and paper.

I'm not sure that personal calculators are 100% safe, either--SLIDE RULES!

And, just so you never ever expose yourself to another virus, electronic, or biological--lock your doors and never leave your house.

Hermits! Let's all become Hermits!

OK, perhaps that was a bit over the top.

However, I COULD become a hermit--if I had broadband. That could work.
0 Votes
+ -
You got that right.
fjpoblam 22nd Mar 2010
What's der Deutsch gonna do? Yup, stop using FF
because it has a security flaw. Next, stop using IE
because IT has a security flaw and start using FF again
or... use der Krome instead... but wait... no... Opera...
no... Safari... no... wait...

But wait: Windoze has a security flaw, so don't use that,
use MacOSX. But then, a security flaw comes out for
MacOSX, switch to Ubuntu. But... naw: switch back to
paper and make sure nobody's looking over yer
shoulder... but wait, that leaves dents in the table where
you were pressing with the pencil point. So, just
memorize and whisper. SOOOoooo... crap!
0 Votes
+ -
Right. Because those are the only two browsers in the world.
AzuMao 22nd Mar 2010
0 Votes
+ -
Or Chrome..
AzuMao 22nd Mar 2010
0 Votes
+ -
It has it's share of vulnerabilities
John Zern 22nd Mar 2010
The German Gov just hasn't gotten to them yet.
  • Flagged
0 Votes
+ -
Adrian: You are today's winner!
Dietrich T. Schmitz GNU/Linux Advocate Updated - 22nd Mar 2010
"Personally, I wonder how much this browser switching really helps people. In the long run, unless you put a method in place where you?re using multiple browsers on a regular basis, continually switching to avoid vulnerabilities leaves you in a constant state of flux and badly affects output."

That was succinctly put. It highlights a core issue that everyone needs to come to terms with:

The 'Zero Day Exploit Du Jour' will be ever-present.

There must be a better way.

The answer: Ubuntu Linux with Linux Security Module (LSM) AppArmor running a profile for Firefox.

What does this do? It places FF in a 'sandbox' and regardless of the current 'patch worthiness' of your 'App', AppArmor will stop cold all privilege escalation attempts.

In the meantime, you can relax in the knowlege that AA will protect 'any' internet-facing App you choose to profile.

Using Ubuntu Linux 9.10 has a major benefit in that it comes preconfigured running AA and prepackages a profile for Firefox.

To enable that profile, Ubuntu users should open a terminal Window and type:

[ Edit:
$sudo aa-enforce /etc/apparmord./usr.bin.firefox
$sudo aa-enforce /etc/apparmor.d/usr.bin.firefox
]

Close and reopen Firefox and your /usr/bin/firefox process id will be sandboxed.

That's it.

What can Windows users do?
Why not simply install WUBI right inside Windows?:
http://wubi-installer.org/

And then follow the above directive to enable the Firefox profile.

Then, simply use Ubuntu Firefox when you want access to the internet. (You can map a shareable folder in Ubuntu to Windows, or simply enable ntfs-ng to make your Windows NTFS partition read/writeable.)

That takes care of it!

Go get your WUBI installer today!

Dietrich T. Schmitz
GNU/Linux Advocate
0 Votes
+ -
(Sigh)
Hallowed are the Ori 22nd Mar 2010
Do you really have to Spam each and every Talkback with your worthless "analysis"?

To paraphrase the immortal Vince Neil: "Dude, don't go away mad, just go away."
0 Votes
+ -
Readers to ZDNet: Stop representing old items as new!
TriangleDoor 6th Apr 2010
(n/t)

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix
Click Here
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix