ie8 fix
madison

Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev
Home / News & Blogs / Zero Day

Firefox plugs drive-by download security holes

By | December 10, 2010, 10:25am PST

Summary: According to Mozilla, 11 of the 13 vulnerabilities are rated “critical,” meaning that they can can be used to run attacker code and install software, “requiring no user interaction beyond normal browsing.”

The open-source Mozilla group has shipped a highly critical Firefox update to patch 13 vulnerabilities that expose Windows and Mac users to hacker attacks.

Some of the vulnerabilities could be exploited to launch drive-by malware downloads or code execution attacks if a user simply surfs to a rigged Web page.

One of the vulnerabilities is a re-patch for an issue that Mozilla initially thought was fixed back in March.

According to Mozilla, 11 of the 13 vulnerabilities are rated “critical,” meaning that they can can be used to run attacker code and install software, “requiring no user interaction beyond normal browsing.”follow Ryan Naraine on twitter

In addition to remote code execution attacks, some of the flaws covered in this patch batch could lead to cross-site scripting, Java security bypass and denial-of-service attacks.

The vulnerabilities affect both Firefox 3.5 and 3.6.  The patch is being delivered via the browser’s automatic update mechanism.

Here’s a quick glimpse of the advisories:

  • MFSA 2010-84 XSS hazard in multiple character encodings
  • MFSA 2010-83 Location bar SSL spoofing using network error page
  • MFSA 2010-82 Incomplete fix for CVE-2010-0179
  • MFSA 2010-81 Integer overflow vulnerability in NewIdArray
  • MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
  • MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL meta refresh
  • MFSA 2010-78 Add support for OTS font sanitizer
  • MFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree
  • MFSA 2010-76 Chrome privilege escalation with window.open and <isindex> element
  • MFSA 2010-75 Buffer overflow while line breaking after document.write with long string
  • MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
Mozilla Firefox users should immediately update the browser to Firefox 3.6.13 and Firefox 3.5.16.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Topics

Error Page, Mozilla Firefox, Font, Security, Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.

Disclosure

Ryan Naraine

The most important disclosure is of my employment with Kaspersky Lab as a member of the global research and analysis team. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.

Biography

Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content management technologies.

Prior to joining Kaspersky Lab, Ryan was Editor-at-Large/Security at eWEEK, leading the magazine's and Web site's coverage of Internet and computer security issues and managing the popular SecurityWatch blog, covering the daily threats, vulnerabilities and IT security technologies. He also covered IT security, hacker attacks and secure content management topics for Jupiter Media's internetnetnews.com.

Ryan can be reached at naraine SHIFT 2 gmail.com. For daily updates on Ryan's activities, follow him on Twitter.

12
Comments
Add Your Opinion

Join the conversation!

Just In

RE: Firefox plugs drive-by download security holes
lovedong 13th Sep
VERY NICE POST,THANKS FOR SHARING,I REALLY LIKE THIS SPACE,THANKS AGAIN replica watches best
View in thread
0 Votes
+ -
Title
djmik 10th Dec 2010
Title should read "Firefox Plugs Drive-by Download Security Holes - Still Refuses to Give Enterprise IT the Tools to Centrally Deploy the Updates"

I know there are ways to do this but they are not simple, automatic or reliable. If Mozilla just gave us a central updating facility controlable by GPO, adoption would skyrocket.

Adobe, Java, this is for you too!
0 Votes
+ -
RE: Firefox plugs drive-by download security holes
dfgjhjh 10th Dec 2010
h t t p : / / 0 8 4 5 . c o m / 1 o 3

I tide fashion
0 Votes
+ -
Want the feature ... what about PAYING FOR IT.
wackoae 10th Dec 2010
Firefox is a free application. Making your work easier is not their job. You pay nothing for the application, the least you can do is not complain about features YOU SHOULD BE PAYING FOR.

So if you want centralized deployment features, what about getting out of your lazy azz and writing it yourself?
0 Votes
+ -
RE: Firefox plugs drive-by download security holes
Michael Alan Goff 10th Dec 2010
@wackoae

And because it's free, nobody can criticize it? What type of logic is this?
0 Votes
+ -
I have to agree with "wackoae" here.
Economister 11th Dec 2010
@goff256

It is not really about criticizing. It is about "demanding" more from a free resource.

If you use open source, be grateful to those who do the work and make it available to you. If you want more, roll up your sleeves and get your hands dirty. That is how that environment works.

If don't like that, pay for something that meets your needs.

Still not happy? Consider starting a business to develop what you cannot find on the market.
0 Votes
+ -
And the OP was just pointing out
Michael Alan Goff 11th Dec 2010
until it happens, Firefox won't get as large of adoption. A company shouldn't -have- to "be grateful" for Open Source. They should use what works for them, which obviously isn't Firefox in this situation.
0 Votes
+ -
RE: Firefox plugs drive-by download security holes
Joe.Smetona Updated - 16th Dec 2010
@wackoae I use Linux Mint, so everything is automatically updated when I click the icon. That would include Google Picassa, Google Earth, Google Chrome, Python, Firefox, FileZilla, DVD software, Bluefish, K3b, Open Office,etc. I don't pay for any software and am using a 64-bit dual core HP with 19" monitor.

These updates aren't a concern when using Linux. The complete system takeover problem is for the MS users to worry about.

If you really want to get serious, leave FireFox alone and let Microsoft fix the issue in the OS causing the problem. But no one thinks that way. Being gullible to this fact saves Microsoft million$$$. It's always the fault of the application when dealing with MS.
0 Votes
+ -
RE: Firefox plugs drive-by download security holes
dfgjhjh 10th Dec 2010
h t t p : / / 0 8 4 5 . c o m / 1 o 3

I tide fashion
0 Votes
+ -
RE: Firefox plugs drive-by download security holes
lovedong 13th Sep
I like the article,thank you~! replica watches
0 Votes
+ -
RE: Firefox plugs drive-by download security holes
lovedong 13th Sep
VERY NICE POST,THANKS FOR SHARING,I REALLY LIKE THIS SPACE,THANKS AGAIN replica watches best
0 Votes
+ -
NoScript addon
Martmarty 11th Dec 2010
im sure NoScript add-on can block those drive-by download holes in FF.
but im not using Firefox
0 Votes
+ -
RE: Firefox plugs drive-by download security holes
james347 13th Dec 2010
What about the drive-thru security holes?

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix
Click Here
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix