Mozilla Fix

Mozilla is working to fix a browser fault that could give attackers unauthorized access to data on a victim's machine. Firefox is investigating the issue and has rated it as a low-severity problem. But who know’s that it may be worse to you and me, Mozilla Firefox Users.

Gerry Eisenhaur was the first person to find out this problem, the problem that could lead to data leakage. According to his research, “The problem is similar to other data leakage flaws found in the open-source browser”. He has posted sample code that reads the contents of a Mozilla Thunderbird preferences file, but he believes that attackers could get access to more information with variations on his attack. He wrote in his blog posting, "It's possible to load any JavaScript file on a victim's machine," "This looks very interesting and may have bigger potential, but for now, it's just another information disclosure." "It could become something more if there was an application that stored sensitive data inside JavaScript files," "Some plugins have been known to store usernames and passwords." "It’s also just a powerful way to do recon,"

Hackers have discovered a number of leaks or flaws in recent months that take advantage of the way that browsers pass information between different components within the Windows operating system. Some of these URI (Uniform Resource Identifier) protocol handler flaws have led to serious security problems for both Firefox and Internet Explorer. Mozilla's security chief Window Snyder said in her blog posting that this latest flaw affects only certain Firefox add-ons, such as the Download Statusbar or Greasemonkey, which store scripts in a fashion that lets them be, discovered on the hard drive.

But don’t get panic; Mozilla is trying to fix the fault. The users like me and you should be always be cautious about these kind of faults and flaws.