Articles in “Firefox”

Comodo Certificate Issue – Follow Up

This is a follow-up to the previous Mozilla report about the fraudulent certificates issued by Comodo last week. On 15th March 2011, a RA partner of the Comodo CA suffered … Read more

Firefox Blocking Fraudulent Certificates

Issue Mozilla has been informed about the issuance of several fraudulent SSL certificates for public websites. The certificates have been revoked by their issuer which should protect most users. This … Read more

Cooling Down the Firesheep

There have been a number of reports about a new Firesheep tool that exposes a weakness in website security, letting attackers snoop on people using public networks, steal their cookies, … Read more

X-Frame-Options

One of the security enhancements included with Firefox 3.6.9 is support for the x-frame-options header. This optional header can be included within the HTTP response to instruct the client’s browser on whether the returned content is allowed to be framed by other pages. Read more

HTTP Strict Transport Security

A while ago, we talked about Force-TLS that lets sites say “hey, only access me over HTTPS in the future” and the browser listens. Well, this idea has been solidifed … Read more

Firefox 3.6.2 Released

Mozilla has accelerated its timetable and released Firefox 3.6.2 ahead of schedule. This release contains a number of security fixes, including a fix to Secunia Advisory SA38608 which was previously … Read more

Secunia Advisory SA38608

Mozilla is aware of the claim of a zero-day in Firefox as posted here: http://secunia.com/advisories/38608/.  We cannot confirm the report as we have received no details regarding the reported vulnerability, … Read more

Mozilla Plugin Check Now Live

A little over a month ago, I talked about a project we had started to inform users when their plugins were out of date. This is a really important project … Read more

A Glimpse Into the Future of Browser Security

As we mentioned earlier we’ve been working for the past few months on turning the Content Security Policy specification into working Firefox code. (You’ll remember that CSP is a framework … Read more