Comments on: Exploit turns up heat for Firefox flaw

Mozilla has patched the hole in the Web browser, but the public release of attack code means it's urgent that people apply the fix.

[imric1]

Nope.

DOS was purchased from Tim Patterson for 50k. Gates bought QDOS (quick and dirty operating system) after IBM failed to get CP/M (Killdall wouldn't sign IBM's NDA).

[Seaspray0]

Feature I'd like

A large majority of people will eventually visit a website that is malicious and changes their broswer settings without their consent. IE is more vulnerable in this due to most people having the active X turned on. Microsoft has done alot recently to sandbox this behavior but even so it can happen. As for firefox, I'm not sure how vulnerable it is but I'm inclined to believe less so than IE because of the lack of active X.

Active X in itself does allow you to do some nice things so it's a matter of preference if you want to use it or not, but many people do.

I would love to see a feature in all browsers that allows you to RESET it to the day it was born. I would include replacing all the files associated with it as well. Too often the only recourse is reloading the operating system. Flaws are something I expect in all software; I'd just like the ability to remove the nasty effects of those flaws easily.

[Bob Brinkman]

I'm not sure how effective it would be

But you could try using the repair feature from Add/Remove programs sometime with I.E. it may clear a few things up.

The problem with alot of the malicous stuff (in windows)though is that it adds entries to your run key and it just gets reinstalled the next time you reboot. So without cleaning that up (something I would not suggest w/o being familure with it first) you would just get the same poblems over again.

[MS789]

I thought fireflops was immune to viri

at least that's what the blind followers were always saying....................

[Johnny Mnemonic]

Not quite.

You will always be vulnerable if you have an
unstable platform...

IE + Windows = Bad
IE + Linux = Good
Firefox + Windows = OK
Firefox + Linux = Excellent

[Earl Benser]

Think again....

.... no one ever said that..

Linux is nowhere near the security problem that Windows is, and
FireFox, while not perfect, blows IE out of the water for security.
Simple facts of life. Get yours straight.

[S7777]

Hmm, I found a new 'flaw ' this morning

I was using IE this morning to download the latest msi installer from the MS site (the browser autoloads from .NET installer despite having FF as default). WinPatrol tells me that a RunOnce is being initiated, BEFORE I Clicked anything on the page. Are some 'flaws' voluntary? Or do I just need to avoid bad sites?