Fix in for Firefox bugs

TalkBack 25 of 54:: Next »; « Previous

Thread View
Flat View

More low risk?: "[MSIE] Unpatched vulnerabilities are low risk. Many of the older
ones are moot because they apply pre-SP2."

Three more "moderately critical" :

http://secunia.com/advisories/13251/
http://secunia.com/advisories/13317/
http://secunia.com/advisories/13203/

Moderately Critical:

Typically used for remotely exploitable Denial of Service
vulnerabilities against services like FTP, HTTP, and SMTP, and for
vulnerabilities, which allows system compromises but require
user interaction.

This rating is also used for vulnerabilities allowing system
compromise on LANs in services like SMB, RPC, NFS, LPD and
similar services, which are not intended for use over the
Internet.

Doesn't sound low risk to me, and these are just the published
vulnerabilities.

"The bottom line is, this article isn't about Microsoft's security
problems, it's about Firefox problems."

I didn't start it;-)

"The way Mozilla advertises Firefox makes it sound like Firefox
is suppose to be fundamentally superior in security. That simply
isn't true."

It isn't? What no ActiveX (cause of many MSIE problems), public
disclosure of the source code and competitions to find bugs,
separation of the browser from the OS layer (for OSes that
respect it), active and transparent security group, 3 out of 23
Secunia advisories marked as "Unpatched" (vs 19 out of 85 for
MSIE).

I've never claimed Firefox is without vulnerabilities but I see no
evidence yet that would put it on the level of MSIE. It appears to
have pretty good fundamentals (with much more work still to be
done).

And I didn't even have to resort to the "and nobody uses it
making it a less attractive target" argument (oops):-); Posted by: Richard Flude Posted on: 09/21/05 You are currently: a Guest | Members login | Terms of Use

Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Already running it. (NT) Letophoro | 09/21/05

Current list of unpatched IE holes figgle | 09/21/05

Wow, 444 Days Combined Overdue For IE Flaws itanalyst | 09/21/05

Interesting that every page links to their Blink Endpoint product george_ou | 09/21/05

Uh oh yyuko@... | 09/21/05

I don't know. Letophoro | 09/21/05

You'll have to excuse them for reporting the facts toadlife | 09/21/05

Just had to say it.... figgle | 09/21/05

Nice link... Anti_Zealot | 09/21/05

Why did you post that? toadlife | 09/21/05

just a heads up Jeff Spicoli | 09/21/05

Just have to say it IT Scion | 09/22/05

They can't do as much with IE... BitTwiddler | 09/21/05

BWahahahaha!!! Yeah dude!!! Jeff Spicoli | 09/21/05

New version works great wcikanek@... | 09/21/05

no it does seem faster Jeff Spicoli | 09/21/05

It's a responsiveness thang slingzenarrowzuvowtrayjissforchin | 09/21/05

yup cygnusx1 | 09/21/05

Is George Ou here? Anti_Zealot | 09/21/05

facts are kryptonite to propagandists Jeff Spicoli | 09/21/05

Unpatched vulnerabilities are low risk george_ou | 09/21/05

assumptions Jeff Spicoli | 09/21/05

Are they? Richard Flude | 09/21/05

Ok, one "highly critical" george_ou | 09/21/05

More low risk? Richard Flude | 09/21/05

ActiveX is a feature george_ou | 09/22/05

ActiveX CobraA1 | 09/22/05

ActiveX.... ju1ce | 09/22/05

ActiveX IT Scion | 09/22/05

IT Scion... ju1ce | 09/22/05

Juice Ju1ce or whatever..... IT Scion | 09/22/05

I said "most" were low risk george_ou | 09/22/05

I see CobraA1 | 09/22/05

Secunia's word IT Scion | 09/22/05

MCIWNDX.OCX IT Scion | 09/22/05

Re: Unpatched vulnerabilities are low risk none none | 09/22/05

ZDNet Should Place All FF Flaw/Bug Reports Under Sub-News Heading itanalyst | 09/21/05

like Nietzsche said.. Jeff Spicoli | 09/21/05

Depends what you mean by "Bug"... figgle | 09/21/05

Wow IT Scion | 09/22/05

Figgle and itanalyst. ShadeTree | 09/21/05

thought ibabadur1 | 09/21/05

Not in the context that it is being used here! ShadeTree | 09/21/05

No, It's The Inherent Slowness Microsoft Responds To Problems itanalyst | 09/21/05

Oh man! Jeff Spicoli | 09/21/05

Once again it depends on the context and ... ShadeTree | 09/22/05

Bwahahahaha!!! Jeff Spicoli | 09/21/05

Meanwile CobraA1 | 09/21/05

And IT Scion | 09/22/05

In relation to the O/S that is... (NT) ju1ce | 09/22/05

So anyway...About the *fix*? tmd0309@... | 09/22/05

Not too much reason Greenknight_z | 09/23/05

I take it back, more reasons to update Greenknight_z | 09/24/05

Running 1.5 Beta 1 Greenknight_z | 09/23/05

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Live Webcast: Activate Today! Realize ROI with Intel(r) vPro? Technology and LANDesk Intel Join the team from the Intel vPro Expert Center for an informative Webcast ... Download Now
Building the Virtualized Enterprise with VMware Infrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
VMware Infrastructure: A Guide to Bottom-Line Benefits VMware Frustrated by the costs of maintain ever larger data centers?or building ... Download Now

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

SmartPlanet

Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
More from IBM
How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
Linking Decisions and Information for Organizational Performance Read the Tom Davenport study

Read the original story

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

SmartPlanet

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads