NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0372 Mozilla Ups Firefox Bug Threat:
Mozilla Corporation bumped up the threat ranking for an
unpatched Firefox bug to "high" but promised a fix is coming in
Version 2.0.0.12, now slated for release on 05FEB. The company's head of
security confirmed that the browser, when running any of more than 600 add-ons,
could be exploited to steal session information, including session cookies and
session history." Firefox is not vulnerable by default. Only users that
have installed 'flat' packed add-ons are at risk.
(ComputerWorld 30Jan08)