Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×
Security

Submission + - New Exploit in Firefox-Major Extensions Vulnerable

An anonymous reader writes: Christopher Soghoian, the fake boarding pass guy is at it yet again. He has announced a new vulnerability in the extension update mechanism in the Firefox Web Browser. A number of high profile commercial extensions are vulnerable including Google Toolbar, Yahoo Toolbar, Del.icio.us Extension, Facebook Toolbar, AOL Toolbar, Netcraft Anti-Phishing Toolbar, PhishTank SiteChecker. A malicious hacker can trick a user's computer into installing malicious software that can spy on the user, or hijack e-banking sessions. Until vendors release updates, users should remove or disable all at risk Firefox extensions. More information on the vulnerability is available here, while a demo video of one of the attacks can be seen here: (12MB Quicktime).

All science is either physics or stamp collecting. -- Ernest Rutherford

Working...