There is a kind of major security threat that isn’t really a threat but it is and yeah, I am very confused. Instead of trying to explain things I’ll share with you the information as I got it.
Ronald van den Heetkamp says that he found a vulnerability that effects all versions of Firefox (even the most recent 2.0.0.12 update). Found out about this over at Mozilla Links.
Then I go check out Asa’s blog to see what he is [...]

Extensions that auto-update? Yeah, there could be a threat there and we aren’t sure when a fix is coming.
This is actually a threat that I had considered once or twice before – but it seems like it is getting a little more “conversation” around the Web this time around. For the best description on what this security hole is all about – lets turn to CyberNet News.
So what’s the problem? When using an extension in Firefox it frequently [...]

Well it looks like the good times train has made a stop in bug city! I have no doubt though that the Mozilla folks will get this one squashed as soon as possible. Till then, it is always good to know the facts.
Today, Mozilla made public bug #360493, which exposes Firefox’s Password Manager on many public sites. The flaw derives from Firefox’s willingness to supply the username and password stored on one page on a domain to another [...]

Have you updated your version of Firefox yet?
Mozilla Corp. Thursday updated its Firefox browser to fix 7 flaws, including 4 pegged by the open-source developer as “Critical.” Of the four critical vulnerabilities patched in Firefox 1.5.0.7, none are currently being exploited, Mozilla said in detailed descriptions of each fixed flaw. In fact, Mozilla said in several of the descriptions that it was not sure whether the specific vulnerabilities could be exploited, but had issued patches just in case.
+ Read [...]

Well this is an interesting piece of news for the day. This is one of those things that you thought were bound to happen, but it doesn’t mean you have to be happy about it.

Virus writers have created a spyware package that poses as an extension to the Firefox web browser. FormSpy, which poses as the legitimate NumberedLinks 0.9 extension, is programmed to steal confidential information from compromised machines including passwords, credit card numbers, and ebanking [...]