PaulSpoerry.com

Microsoft’s Internet Explorer has been getting all the attention lately because of a severe zero-day security hole(fixed), but Microsoft wasn’t the only one scrambling to fix its browser. Mozilla and Opera have issued quick patches to fix several security flaws in their browsers.

The Mozilla patches fix several severe security holes in Firefox 2.x and 3.x. These holes allowed crackers to run malicious code and install software on your machine without any user intervention, according to Mozilla.

Opera also announced an update to its browser that fixes 7 severe security holes affecting all platforms. “The update fixes seven security bugs, some of which were previously known. Version 9.63 of the browser addresses separate code injection risks stemming from flaws in HTML parsing and text inputing, respectively. A critical bug with similar arbitrary code injection risks involving the handling of long host names in files has also been patched. The latest version of the software also lances a cross-site scripting flaw, involving XSLT templates, as well as bugs in feed preview.”

Most of the attention went to Microsoft however, who released a patch (now available via Windows Update) for a zero-day vulnerability in pretty much every version of Internet Explorer. “The vulnerability could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.” The update is being pushed via Windows Update.

So… no matter what you’re using, look for an update!

Delicious Digg This Post Ping This Post Reddit Stumble This Post

Related posts:

1. FireFox 3.5.1 with critical fix (and the slow startup fix!)
2. PWN2OWN Hacking Competition – All browsers hacked