CyTRAP Labs’ reminder - 2008-03-27 - security update for Mozilla Firefox, Mozilla Thunderbird, and SeakMonkey
| The Mozilla Foundation has issued an important security patch for Mozilla Firefox, Mozilla Thunderbird and Seamonkey that fix 7 critical vulnerabilities (Please click on the link, choose Login as guest - click on this link again and voila free access) |
| If you have chosen the option that the program checks regularly with the Mozilla Foundation’s website for updates , the security update should have been downloaded BY NOW automatically or next time you log onto the internet (for more details see below |
| CyTRAP Labs security risk barometer - 4 = critical |
||||
| low | elevated | moderate- ly critical |
critical | severe |
| 1 | 2 | 3 | 4 | 5 |
For more information and explanations about the CyTRAP Labs risk barometer you can visit here:CyTRAP Labs security risk barometer
60% OF OUR READERS SUBSCRIBE
WHAT CAN YOU DO?
| CyTRAP Labs security risk barometer - 4 = critical |
|
| operating system affected |
|
| affected software |
|
| risk | rating given for these vulnerabilities is a 4 (four) |
| where is the patch? | depending upon the program you run:
To download any of these versions you need admin rights on your PC of course |
| what should one do? | The Software Update preference pane is set to automatically check by default if you have the latest version installed.Hence, once you go onto the internet, the latest version should be downloaded automatically, if you are not sure, read below we tell you how to check and download manually if need be - quick and easy. |
| how can I check that I do have the latest version installed | click Help > About Firefox or About SeaMonkey from the Help menu this shows which version runs on your machine or click onHelp > check for updates - if you do not have latest version already installed, Firefox will download it now if you have administrator rights for this PC |
| not patching the vulnerability could cause what kind of damage to my PC? | 2 could be exploited by attackers to execute arbitrary code by tricking a user into opening a malicious file2 bypass security restrictions, cause a denial of service or compromise an affected system.2 being executed on your machine without your authorization.a few more nasty things… |
| where can one get more details from the vendor? | vendor has issued several security bulletins:MFSA 2008-14 through MFSA 2008-19 - March 25, 2008 |
| where can you get more technical information about the vulnerabilities | CVE-2008-1241, CVE-2008-1195, CVE-2008-1240, CVE-2008-4879, CVE-2008-1238, CVE-2008-1236. CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-0416, |
| release date from vendor | 2008-03-25 (Pacific Standard Time) |
| why is this a reminder and not an alert? | security alert or reminder - that’s the question |
| did CASEScontact.org release an advisory about this earlier? | no - neither exploit code was published nor any details before the vendor issued a patch |
| did CASEScontact.org release a zero-day advisory | nothing was necessary (see above) patched zero-day archive |
For better risk management, compliance and protection - become a member of the 60% of our READERS THAT HAVE MADE SURE THEY GET A SUBSCRIPTION
- advisory, zero-day exploits and regulatory intell via alert, newsletter or 
RSS feed
or just make your choices at CyTRAP Labs subscription portal
For a previous reminder please see here:
purchase generic cialis cheap viagra substituteviagra cialisorder viagra cialisbuy sublingual viagraorder sublingual viagrabuy sublingual cialisorder sublingual cialisorder revatiobuy revatiobuy cialis jellyorder cialis jellybuy viagra jellyorder viagra jellyorder female viagrabuy female viagraorder vpxlorder levitra professionalorder levitra professionalbuy levitra professionalpurchase levitraorder levitrabuy levitraorder cialis soft tabsbuy cialis soft tabsorder viagra soft tabsbuy viagra soft tabsorder cialis super activebuy cialis super activeorder viagra super activebuy viagra super activepurchase generic cialisorder generic cialisbuy generic cialispurchase generic viagraorder generic viagrabuy generic viagra purchase cialis professional cialis professional online purchase viagra professional viagra professional online order brand cialis cialis discount cialis price cialis online brand viagra price brand viagra online viagra discount cheap viagra viagra online
CVE 2008 1195, CVE 2008 1236, CVE 2008 1238, CVE 2008 1240, CVE 2008 1241, CVE 2008 4879, CyTRAP labs, CyTRAP Labs reminder, Firefox, MFSA 2008 14, MFSA 2008 15, MFSA 2008 16, MFSA 2008 17, MFSA 2008 18, MFSA 2008 19, Mozilla, Mozilla SeaMonkey, Mozilla Thunderbird, operating system, security patch, vunlerabilities, Windos Vista, Windows XP
