2010-03-23 07:19:27
The German government has issued a warning about using the Firefox browser
because of security issues.
The Federal Office for Information Security made a similar ruling on the safety
of Internet Explorer in January.
The office warned that the Firefox vulnerability, confirmed by Firefox makers,
could allow hackers to run malicious programs on users' computers.
A new browser release at the end of the month will fix the bug which relates to
the current version, Firefox 3.6.
A "beta" or test version of that release, Firefox 3.6.2, is already available
but has not yet been fully tested.
The BergerCERT team of the Federal Office for Information Security (BSI) has
recommended that users stop using Firefox until the tested fix is released - in
a move remarkably similar to the January announcement, in which France followed
suit just days later.
Fox swap?
The Firefox vulnerability was confirmed by maker Mozilla last week on its
security blog, when it promised that the next official release would address
the issue.
It is only the current version that is affected, but given that prior releases
have different vulnerabilities, reverting to an older version of the browser is
ill-advised.
Switching to a different browser may not be a good solution either, said Graham
Cluley, senior technologist at security firm Sophos.
"Switching your web browser willy-nilly as each new unpatched security hole is
revealed could cause more problems than it's worth," he said.
"What are you going to do when your replacement browser itself turns out to
contain a vulnerability?
"My advice is to only switch from Firefox if you really know what you are doing
with the browser you're swapping to. If you stick with Firefox, apply the
security update as soon as it's available."
Mozilla said it hopes to have the latest version ready ahead of the official 30
March release date.
"Last week we informed our users that the upcoming security release of Firefox
3.6.2 would include a fix for an exploit that was disclosed to us just over a
week ago," said a Mozilla spokesperson.
"Mozilla is aware of the BergerCERT recommendation to avoid using Firefox 3.6,
and encourage users to download the beta version of Firefox 3.6.2."
Story from BBC NEWS:
http://news.bbc.co.uk/go/pr/fr/-/2/hi/technology/8580716.stm
Published: 2010/03/22 16:44:41 GMT