Articles in “Firefox”

HTTP Strict Transport Security

A while ago, we talked about Force-TLS that lets sites say “hey, only access me over HTTPS in the future” and the browser listens. Well, this idea has been solidifed … Read more

Firefox 3.6.2 Released

Mozilla has accelerated its timetable and released Firefox 3.6.2 ahead of schedule. This release contains a number of security fixes, including a fix to Secunia Advisory SA38608 which was previously … Read more

Secunia Advisory SA38608

Mozilla is aware of the claim of a zero-day in Firefox as posted here:  We cannot confirm the report as we have received no details regarding the reported vulnerability, … Read more

Mozilla Plugin Check Now Live

A little over a month ago, I talked about a project we had started to inform users when their plugins were out of date. This is a really important project … Read more

A Glimpse Into the Future of Browser Security

As we mentioned earlier we’ve been working for the past few months on turning the Content Security Policy specification into working Firefox code. (You’ll remember that CSP is a framework … Read more

Helping users keep plugins updated

Starting with the upcoming releases of Firefox 3.5.3 and Firefox 3.0.14, Mozilla will warn users if their version of the popular Adobe Flash Player plugin is out of date. Old … Read more

URL bar spoofing vulnerability

Issue The URL in the address bar can be spoofed when a new window or tab is opened by a malicious web page. Impact to users If a user visits … Read more

How Mozilla finds crash bugs

This Tuesday (2009-07-21), I’m organizing a crash bug triage day where anyone interested can help us classify the swamp of open crash bugs. Join us in #bugday on if … Read more