Zero-day security flaw leaves Firefox wide open
I was reading The Register website this morning when I came across a new Zero-day security flaw in Firefox. Although Firefox is allot safer than using Internet Explorer (6 and below and some would argue IE 7) it still comes with security concerns. All the fuss is about how FireFox handles uniform resource identifiers (URI’s) which allow FireFox to run programs found on a users PC.
This is essentially a MS Windows problem but the best step if you are not using Linux or Apple computers is to use and install the no-script extension for FireFox, I also use this excellent extension on my Linux and Mac versions of FireFox. No-Script in its simplest form no-script allows you to block sites executing javascript on your machine (it also stops cross site scripting attacks but thats not for this post!).
To install click on the No-Script link (using FireFox) and hit the install button. After a restart you will see at the bottom of your FireFox screen telling you that Javascript has been blocked.
Clicking on the options button in the yellow box will give you the option to:
- Permanently allow the site you are visiting
- Temporarily allow the site you are visiting
If you are visiting a trusted site such as this site!, google-analytics or http://www.bbc.co.uk I usually Permanently allow the site, otherwise I simply hit Temporarily allow in which case the site is allowed until I disallow it or exit FireFox.
Safe surfing!
Related posts:
- Basic Windows Security
- Use Safer Browsers Says France and Germany – Internet Explorer Exploited
- How to completely remove Firefox on mac OSx
- How to How to Uninstall McAfee Security Center
- Take a screen shot or screen grab on the iphone
