Online Computer Tips Home
Home All Tips OCT Newsletter Free Tutorials Tech News Resources

Monday, November 27, 2006

Security bug in Firefox 2.0

Attackers have found a new method of extracting information from users. So far it has been mostly affecting MySpace users. Its done by tricking the user's browser to send information to the attacker first and then its passed on to the actual server (such as MySpace) where it needs to go.

Firefox's Password Manager does not perform a thorough check before it decides to send across the password information. It also does not check whether it is sending the information to the same server that requested it.

Mozilla hopes to come out with a solution to the problem with the release of Firefox version 2.0.0.1 or 2.0.0.2.

As for now, the remedy is to disable the Save Passwords feature in your browser.
In Firefox go to Tools, Options then Security. Once there uncheck the box which says Remember Passwords for Sites.

Full Story

No comments: