| 1 |
Am Mittwoch 25 Juli 2007 04:10 schrieb fire-eyes: |
| 2 |
> Stratos Psomadakis wrote: |
| 3 |
> > i just did an update,and firefox 2.0.0.5 has been added to the tree(~ |
| 4 |
> > masked)... |
| 5 |
> > but i just read a post at slashdot.org that says about a password |
| 6 |
> > vulnerability of 2.0.0.5... |
| 7 |
> > here's the link: http://it.slashdot.org/article.pl?sid=07/07/23/1450224 |
| 8 |
> > |
| 9 |
> > i just want to ask if it's ok to update to the new firefox,or if it's a |
| 10 |
> > serious sec problem?... :/ |
| 11 |
> > |
| 12 |
> > thx... |
| 13 |
> |
| 14 |
> It's okay to update, as far as I know it's 2.0.0.5 and before (aka |
| 15 |
> everything...). |
| 16 |
> |
| 17 |
> Your best bet is to not use the password saving features, install |
| 18 |
> noscript (important: WIPE OUT it's whitelist, then selectively add sites |
| 19 |
> you trust). |
| 20 |
|
| 21 |
There is an addon called "Secure Login". I think it solved the original |
| 22 |
problem by preventing Firefox from sending paaswords without the users |
| 23 |
agreement but I'm not sure if it really helps at all. |
Archives