Major vulnerability in FireFox on Windows (more?)

If you use Firefox, especially on windows, read this!

If you fail to take protective measures you could stumble across a webpage which toasts your system.

Geoff wrote me:

Not sure about Linux and OS X – assume the worst.


For now, consider using another browser. But if you have to use FireFox…

The CERT advisory suggests that you configure FireFox to generate a warning dialog whenever it encounters one of the URLs involved in the exploit.

To do this, start FireFox, enter the URL “about:config”, scroll down, and for each of the following entries make sure it is set to “true”.

If it isn’t, right-click the line and choose “Toggle”, which will set the value to “true”


This will at least give you a warning that Firefox is being asked to do something suspicious; you will have to judge for yourself whether it is nasty.

5 Replies to “Major vulnerability in FireFox on Windows (more?)”

  1. Pingback:
  2. source codebase looks like it’s fixed (patch). But not sure when a release will be out??

  3. IT’s fixed now, my version just updated itself with patch which has the fix in it

Leave a Reply

Your email address will not be published. Required fields are marked *