1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Incompatibility Between Firefox and Internet Explorer Causes Security Hole

Discussion in 'News' started by HellasVagabond, Jul 12, 2007.

  1. HellasVagabond New Member

    Joined:
    Jan 19, 2007
    Messages:
    3,404 (1.10/day)
    Thanks Received:
    162
    Location:
    Athens , GREECE
    If both IE and Firefox version 2.0, or later are loaded on a persons computer a zero day security hole may occur.

    The trouble begins when visiting a site with malicious content while using IE. The site then registers a "firefoxurl://" URI (uniform resource identifier) handler, that gives access to that site and allows it to interact with IE.

    The Security researcher named Thor Larholm who discovered the Security Hole and Symantec put much of the blame on IE, while Secunia's chief technology researcher named Thomas Kristensen, blamed FireFox for this Security Issue.

    Source : Zdnet
     
  2. cmberry20

    Joined:
    Aug 30, 2004
    Messages:
    146 (0.04/day)
    Thanks Received:
    7
    Location:
    Worcester, England
    "If both IE and Firefox version 2.0, or later are loaded on a persons computer a zero day security hole may occur."

    That quote in it self will apply to 99% of PC users as IE comes fully installed on all XP & Vista machines.
    So just installing Mozilla will causes this scenario to happen.
     
  3. GJSNeptune

    GJSNeptune New Member

    Joined:
    Apr 24, 2007
    Messages:
    2,571 (0.86/day)
    Thanks Received:
    105
    Location:
    Ohio
    Not quite. You have to be using IE, and "Mozilla" is just a company. ;)

    Firefox is the vehicle, but it's relaly IE's fault.

     
  4. Darknova

    Darknova

    Joined:
    Nov 8, 2006
    Messages:
    5,037 (1.59/day)
    Thanks Received:
    535
    Location:
    Manchester, United Kingdom
    HAHAH, they BOTH are too blame. IE for having the security flaw...and Firefox for...oh yeah, having the security flaw.
     
  5. GJSNeptune

    GJSNeptune New Member

    Joined:
    Apr 24, 2007
    Messages:
    2,571 (0.86/day)
    Thanks Received:
    105
    Location:
    Ohio
    Firefox's only involvement is being installed.
     
  6. Darknova

    Darknova

    Joined:
    Nov 8, 2006
    Messages:
    5,037 (1.59/day)
    Thanks Received:
    535
    Location:
    Manchester, United Kingdom
    If it wasn't installed there wouldn't be a problem....hence it has a security flaw. Maybe not some gaping hole like IE has, but still a flaw none the less.
     
  7. Telexen New Member

    Joined:
    Jul 12, 2007
    Messages:
    16 (0.01/day)
    Thanks Received:
    1
    But if it's installed on Linux, where IE doesn't belong - then it has no problem :D
     
  8. GJSNeptune

    GJSNeptune New Member

    Joined:
    Apr 24, 2007
    Messages:
    2,571 (0.86/day)
    Thanks Received:
    105
    Location:
    Ohio
    It's a flaw because it takes advantage of IE when Firefox is installed. It has nothing to do with Firefox. It's entirely IE's shortcomings that makes this a risk.

    I'll quote this yet again:

     
  9. Darknova

    Darknova

    Joined:
    Nov 8, 2006
    Messages:
    5,037 (1.59/day)
    Thanks Received:
    535
    Location:
    Manchester, United Kingdom
    It is not entirely IE's fault. I understand exactly how the risk came about, I understand how it is attacked, and I understand the under lying fault is with IE. However without FF there is no problem, as FF, in a sense, opening up the hole.

    I still agree entirely that it is mostly IEs fault, but FF is not entirely blameless.
     
  10. Dippyskoodlez

    Joined:
    Jul 1, 2005
    Messages:
    5,106 (1.40/day)
    Thanks Received:
    245
    Location:
    Kansas City, KS
    But... Can this be used if something other than firefox were to use the same method?

    Its ie.. :laugh:
     
  11. Benpi New Member

    Joined:
    Dec 14, 2006
    Messages:
    415 (0.13/day)
    Thanks Received:
    3
    If you're an anti-MS club member (or own a mac), then this is 100% IE's fault. If you're in the MS fanclub, it's FireFox's fault. If you really don't give a shart, it's both of their fault.
     
  12. GJSNeptune

    GJSNeptune New Member

    Joined:
    Apr 24, 2007
    Messages:
    2,571 (0.86/day)
    Thanks Received:
    105
    Location:
    Ohio
    There is skewed logic working here. The flaw exploits a hole in IE, but it only works if Firefox is installed. Firefox has nothing to do with IE not escaping characters. If a patch comes out, it'd be for IE, not Firefox.
     
  13. Dippyskoodlez

    Joined:
    Jul 1, 2005
    Messages:
    5,106 (1.40/day)
    Thanks Received:
    245
    Location:
    Kansas City, KS
    Exactly.

    If you wanna scrape it up to fanboi-ism, GTFO.

    The fix will be for IE.
     
  14. HellasVagabond New Member

    Joined:
    Jan 19, 2007
    Messages:
    3,404 (1.10/day)
    Thanks Received:
    162
    Location:
    Athens , GREECE
    Calm down people.... :)
     
  15. GJSNeptune

    GJSNeptune New Member

    Joined:
    Apr 24, 2007
    Messages:
    2,571 (0.86/day)
    Thanks Received:
    105
    Location:
    Ohio
    Calm as can be. Don't know why the mods have been exaggerating intensity.
     
  16. HellasVagabond New Member

    Joined:
    Jan 19, 2007
    Messages:
    3,404 (1.10/day)
    Thanks Received:
    162
    Location:
    Athens , GREECE
    Anyways everybodys goal is for this to get fixed so no point arguing about IE and Firefox.
    Both are Outstanding Browsers.
     
  17. GJSNeptune

    GJSNeptune New Member

    Joined:
    Apr 24, 2007
    Messages:
    2,571 (0.86/day)
    Thanks Received:
    105
    Location:
    Ohio
    Quick fix. Don't use IE. :D
     
  18. HellasVagabond New Member

    Joined:
    Jan 19, 2007
    Messages:
    3,404 (1.10/day)
    Thanks Received:
    162
    Location:
    Athens , GREECE
    I like it far more than Firefox.....And im sure many people do also.....However lately MS is releasing updates once a month so no problems there :)
     
  19. demonbrawn

    demonbrawn New Member

    Joined:
    May 14, 2006
    Messages:
    1,006 (0.30/day)
    Thanks Received:
    13
    Location:
    Kentucky
    I personally like Firefox because of all the little free add-ons. Anyway, I don't think it really matters which program caused the issue as long as it gets fixed.
     
  20. GJSNeptune

    GJSNeptune New Member

    Joined:
    Apr 24, 2007
    Messages:
    2,571 (0.86/day)
    Thanks Received:
    105
    Location:
    Ohio
    It matters when one is being falsely accused and criticized.
     
  21. HellasVagabond New Member

    Joined:
    Jan 19, 2007
    Messages:
    3,404 (1.10/day)
    Thanks Received:
    162
    Location:
    Athens , GREECE
    It takes both program faulty codes to create this mess GJSNeptune...Its not just 1 of those 2 thats bad.
     
  22. Ketxxx

    Ketxxx Heedless Psychic

    Joined:
    Mar 4, 2006
    Messages:
    11,510 (3.38/day)
    Thanks Received:
    570
    Location:
    Kingdom of gods
    The only flaw that was made was the creation of Internet Explorer.
     
  23. WarEagleAU

    WarEagleAU Bird of Prey

    Joined:
    Jul 9, 2006
    Messages:
    10,812 (3.30/day)
    Thanks Received:
    547
    Location:
    Gurley, AL
    Firefox is the bomb. Safe and secure, but now it seems folks are targetting it. I guess they are tired of everyone ragging IE
     
  24. Dippyskoodlez

    Joined:
    Jul 1, 2005
    Messages:
    5,106 (1.40/day)
    Thanks Received:
    245
    Location:
    Kansas City, KS
    It sounds like IE is not handling certain text correctly... enabling something to take advantage of an internal link ability of firefox... with this, simply patching IE would....... solve the problem, would it not?
     
  25. HellasVagabond New Member

    Joined:
    Jan 19, 2007
    Messages:
    3,404 (1.10/day)
    Thanks Received:
    162
    Location:
    Athens , GREECE
    We will see...If MS is the only one to release a patch yes, but if Mozilla releases an update too then no :)
     

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)

Share This Page