The Impenetrable Firefox?

vulnerability Firefox

That kidding around turned into surprise when the researchers, a team from Radware Ltd., discovered a vulnerability in approximately under an hour.

The team, led by Itzik Kotler, Security Operation Center (SOC) Team Leader, discovered that HTML tags comprised in a certain order can cause a Denial of Service, crashing Firefox 3.0 and the Firefox 3.1 alpha release (code-named "Shiretoko").

If using multiple tabs in browsing, according to Kotler, "any unsaved or unsubmitted information within your tabs will get lost."

This vulnerability however is more of an inconvenience to users rather than a malicious threat. The researchers at Radware have found that no remote code can be injected or executed via this vulnerability.

id
unit-1659132512259
type
Sponsored post

The question remains however, as Firefox increases in popularity, will it become more of a target for threats?

"Yes" said Kotler, "Once software becomes popular, hackers want to increase their targets."

The Radware team has not found a patch to thwart this vulnerability as of yet. Kotley said, "We have communicated with Mozilla and gave them all of the proper information, I am sure they will develop a patch for it." Radware has also made CERT -- Carnegie Mellon University's Computer Emergency Response Team aware of their findings.

The discovery of this not-so-malicious vulnerability, does in no way infer that Mozilla will achieve the same vulnerability status that Internet Explorer holds. A reason for this is the way that Internet Explorer is engineered:

"IE, being an application has more connectivity features to other components in the system and#91;andand#93; has more ties with more code," said Kotler, "The more code the bigger the complexity."

And the more vulnerable. The fact that Firefox is stand-alone reduces the risk of the operating system it resides on being completely compromised.

Yet, it is still just a reduced risk, not a guarantee. It will be interesting to see if malware threats against Firefox increases.

Still, that conjecture is not affecting Firefox's popularity. And it certainly isn't affecting Itzik Kotler's choice of browser;

"I am still going to use Firefox" he said. He also added that he and his team are not trying to tarnish Firefox's reputation or put a scare into the public. For Kotler, the reason for their research is clear:

"We have customers to protect."