Firefox security hole + workaround

Secunia reports a frame-injection vulnerability in Firefox 1.0.3 and
1.0.4. Mozillazine has details, including a comment that you can close the hole (until 1.0.5 is released) by clicking Tools, Options, Advanced, Tabbed Browsing and changing “open links in a new window” to “open links in a new tab in the most recent window”:

A Secunia bulletin also notes that a similar hole has existed in Internet Explorer 5.x and 6.x since June 2004 and has not yet been patched by Microsoft (but there is a workaroud).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.