| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Firefox Update Leads to Java, Flash Glitches | |
|
||
| Time: 09:09 EST/14:09 GMT | News Source: CRN | Posted By: Brian Kvalheim | ||
If you, a customer, or someone you know uses Firefox, you or they probably had to stop at some point over the past week and install it's 2.0.0.8 update. So you may want to know about this, from Percy Cabello at Mozillalinks.org:
| ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 314 Last | Next |
The time now is
1:44:24 PM
ET.
Any comment problems? E-mail us |
| #1 By 37047 (216.191.227.68) at 10/25/2007 11:45:16 AM |
| It should be mentioned that this is a Firefox on Vista problem, caused by UAC preventing registry updates. This does not occur on non-Vista Windows systems. |
| #2 By 81201 (79.0.20.199) at 10/25/2007 12:15:42 PM |
|
@MysticSentinel
In XP, Firefox works only as administrator account. Firefox is poorly written! |
| #3 By 23275 (71.12.191.230) at 10/25/2007 12:30:54 PM |
|
#2, ditto that - it is especially sad since Proctected Mode's API and that of the UIPI are not only available to Moz/FOSS, they were offered a lot of direct assistance in using them.
I mean, if a tiny outfit like mine can use it, anyone can! There is no excuse whatever from a technical perspective in my view, [from my favorite things about Vista:] 10 - Windows Vista's Integrity Mechanism Windows Vista includes an addition to the access control security mechanism of Windows that labels processes and other securable objects with an integrity level. Internet-facing programs are at higher risk for exploits than other programs because they download untrustworthy content from unknown sources. Running these programs with fewer permissions, or at a lower integrity level, than other programs reduces the ability of an exploit to modify the system or harm user data files. Internet Explorer 7 in Windows Vista uses the Integrity Mechanism and it is what is behind IE 7's Protected Mode. But That is only the beginning - ANY developer has access to the tools that make this possible and it gets better, any single process may be executed in this space, or any grouping of them - so the parts of an application that face the Internet should use them. Think of these as objects, or securable objects in MS speak - see, http://msdn2.microsoft.com/en-us/library/aa379557.aspx also see, http://msdn.microsoft.com/library/default.asp?url=/library/en-us/IETechCol/dnwebgen/ProtectedMode.asp 9 - User Interface Privilege Isolation (UIPI) prevents processes from sending selected window messages and other USER APIs to processes running with higher integrity. If UAC and Protected Mode are straight rights in Vista's security arsenal, the UIPI is one of Vista's stiff jabs. UIPI continually counters attempts to escalate processes and it keeps bad-guy-code off balance. At the same time, it provides developers with an easy way to check process escalation without burning the user experience. Go here to learn how to use it, http://msdn2.microsoft.com/en-us/library/ms644950.aspx |
| #4 By 54556 (67.131.75.3) at 10/25/2007 2:06:41 PM |
| We know/experience that Shockwave requires Admin privileges, but have no problems at all running Firefox with non-administrator accounts. |
| #5 By 32132 (142.32.208.232) at 10/25/2007 2:20:28 PM |
|
#1 Even Mozilla isn't trying to blame it all on Vista.
They screwed up. "The 2.0.0.8 release fixed some 200 issues, but accidentally regressed a few things." Bug 400406 - Firefox will ignore the “clear” CSS property when used beneath a box that is using the “float” property. There is a temporary workaround JS/CSS code available for web developers with affected layouts. Bug 400467 - Windows Vista users will get “Java not found” or “Java not working” errors when trying to load Java applets after updating. To fix this, users can right-click the Firefox icon and “Run as administrator”, then browse to a page with a Java applet — doing this once will fix the problem and permanently restore Java functionality. Bug 396695 - Add-ons are disabled after updating. Users can fix this problem by opening their profile folder and removing three files (extensions.rdf, extensions.ini and extensions.cache) Bug 400421 - Removing a single area element from an image map will cause the entire map to disappear. There is no workaround available at this time. Bug 400735 - Some Windows users may experience crashes at startup. There is no workaround available at this time. http://developer.mozilla.org/devnews/index.php/2007/10/22/firefox-2008-update-to-be-updated/ |
| #6 By 23275 (71.12.191.230) at 10/25/2007 2:25:27 PM |
| #4, Yes, but... that does take away from the plug-ins and add-ons that are so often held out as being such a strength for FF/Moz. It does suggest that there is less consistency in that context and in many cases, more holes, or vulnerabilities as a result of how one must then run FF/Moz. |
| #7 By 54556 (67.131.75.3) at 10/25/2007 2:41:49 PM |
| Macromedia botches a plug-in that they authored and it Mozilla's fauly???? You are too funny. |
| #8 By 23275 (71.12.191.230) at 10/25/2007 3:46:33 PM |
|
#7, No. Not funny. I am saying that the "model" needs to be examined for what it is - and further, suggest that the model [open to third party plug-ins/add-ons] would benefit from securable objects and the UIPI that are available - so..... in this bigger, connected - we're all in this together kind of world that the "model" uses, I assess that the "model" needs to be examined - not just the one outfit's code by itself.
So yes, ultimately, because it is Moz/FF's design, it's architecture, IT IS their responsibility and if you like, "their fault." That's how I see it. Just an opinion and we all know what that really means - but I do know, in my unit we take ownership of all things that touch our customers in the context of technology. We fix it and keep score later - so we can avoid the same challenges later. I do assess the securable objects and UIPI as manifest in IE 7 on Vista's Protected Mode is something Moz/FF ought to use. They may be working that up now - hard to say, or they may get access to green border that Google bought for them, but that isn't the same, or enough. Time will tell - I just hope that in the meantime, no one attempts to seriously suggest that FF is more secure than IE 7 on Vista. The science just isn't there any longer. At www.hautesecure.com to IE 7 on Vista and one can be assured they are pretty safe. |
|
Write Comment
Return to News |
Displaying 1 through 25 of 314 Last | Next |
The time now is
1:44:24 PM
ET.
Any comment problems? E-mail us |
