[Kamikaze]

The listed Mozilla.org software uses the shell: protocol handler for its browser, apparently this passes stuff off to Windows APIs. Looks like the Windows APIs were bugged (and it was exploited), and Mozilla.org has released a fix to work around it.

The bug makes it possible for arbitrary execution of code via the software.

Note that non-Windows users of the software don't have to do anything.

http://www.mozilla.org/security/shell.html

[SA22C]

Thanks for the heads up.

[Taristin]

Yeah. I'll have to patch that up when I get the modem back.

[kasperl]

I got the patch when I booted up mo today. I'll update my laptop when I get it back.

[vyper]

Good man, Kam. I updated the minute I saw this thread, you quite possibly saved a lot of ppl's browsers around here.

[karajorma]

I love the fact that even when there is a mozilla exploit the underlying cause is still MS

[IceFire]

Originally posted by karajorma
I love the fact that even when there is a mozilla exploit the underlying cause is still MS

I KNOW...its so funny and disturbing at the same time

Thanks for letting us know.  Updated and patched.

[WMCoolmon]

It was also much easier to fix than it would be using IE...didn't even have to restart.

[Sandwich]

I wish I could upgrade my Mozilla beyond 1.5. Danged screwiness.

[IceFire]

Originally posted by Sandwich
I wish I could upgrade my Mozilla beyond 1.5. Danged screwiness.

Wha?

And why not use Firefox?

[Sandwich]

I do use Firefox from time to time, but it's still too buggy for me to step over the 50/50 line from Mozilla. I'm a very heavy power user, and I demand a lot from my software.

[Setekh]

Hey, cheers. I'll go let my brother know, he swears by Firefox.

[Kamikaze]

Sorry to bump this everyone, but an interesting related article came up.

http://www.infoworld.com/article/04/07/12/HNmicromozilla_1.html

To sum it up, the shell: exploit may affect Winword and MSN messenger.

Alternatives to Winword:
http://www.openoffice.org/
http://www.abisource.com/

Alternative to MSN messenger:
http://gaim.sourceforge.net/

[WMCoolmon]

Though my opinion has soured due to the lack of updates for the basic version,

http://www.trillian.cc

[Lonestar]

Originally posted by WMCoolmon
It was also much easier to fix than it would be using IE...didn't even have to restart.

You dont have to restart every time you update IE. of times you dont have to restart windows XP at all. By the same token, ive never had to worry about 3rd party software being buggy or exploitable.
Why do people replace perfectly good working Windows programs with buggy 3rd party software?

I could understand if you used a non-windows OS, but on a windows system? Doesnt make much sense considering how easy it is to use IE and how stable it is.

Stop being a corporate guinea pig and just accept the good things we have!

[Kamikaze]

Wait a second, you're calling Firefox/Mozilla users corporate guinea pigs? When you're advocating corporate products (from a monopoly too) in a thread about how this particular corporation has fscked up APIs?

[WMCoolmon]

IE has no tabs, and Firefox just seems a lot more stable than it.

Plus it means if I ever use a non-Windows system, I already know a good browser that I can use.

[karajorma]

Originally posted by Lonestar
Stop being a corporate guinea pig and just accept the good things we have!

I've already said (admittedly on the other mozilla thread) that I use Mozilla because it has features I like that IE doesn't have. It is also more secure. It is also more stable.

When I used IE I would find that it would lock up causing me to have to kill it from the task manager every few days.

With Mozilla I've had to do that twice in the last few months.

And yet you still claim that using IE would be a better choice?

What the **** are you on Lonestar? If new features aren't damn good reasons for using a different piece of software I don't know what is.  Tell me this, do you use WordPad for all your word procesing needs cause it too comes with the OS?