The German government has warned its citizens not to use Mozilla’s Firefox browser until a security vulnerability is fixed.
The advisory was issued 19 March by BürgerCERT, Germany’s Computer Emergency Readiness Team in response to a vulnerability reported by Russian security researcher Evgeny Legerov. Legerov, who is the founder of the Moscow-based security firm Intevydis, discovered the bug last month and added it as a module to Vulndisco, an add-on to the Immunity Canvas exploit system used by security pros for penetration testing.
Earlier this year, Germany and France urged users to ditch Microsoft Internet Explorer (IE) as a result of the Aurora attack on Google, Adobe and other corporations. In that case, the attackers exploited a security vulnerability in IE that Microsoft began investigating in September but had failed to patch. The company fixed the flaw in January.
“Switching your web browser willy-nilly as each new unpatched security hole is revealed could cause more problems than it’s worth,” blogged Sophos Senior Technology Consultant Graham Cluley. “For instance, imagine how much training some users will require to switch from one browser to another. And it’s worth bearing in mind – what are you going to do when your replacement browser itself turns out to contain a vulnerability? Are you going to switch yet again?”
Mozilla did not respond immediately to a request for comment on the German government’s advisory. But the company has said the vulnerability will be fixed in Firefox 3.6.2, which is scheduled to be released on 30 March. The release candidate for the browser already contains the fix, and can be downloaded here.
Thunderbird and SeaMonkey are based on earlier versions of the browser engine and are not affected, according to Mozilla.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…