Friday, April 6th, 2007

Update Firebug to 1.0.4

Category: Tip, Utility

Update — go get 1.04 — its a more robust fix for the security issue – read Joe’s comment here.

Joe Hewitt has posted an update to Firebug that you should grab right away as it fixes a couple of issues and covers a 0-day security hole.

The update has been published to addons.mozilla.org, so you can get it by updating Firebug from the Firefox Add-ons window. Alternatively, you can install the update using the big orange button on the getfirebug.com home page.

Posted by Dion Almaer at 2:00 am
6 Comments

++++-
4.2 rating from 31 votes

6 Comments »

Comments feed TrackBack URI

ouch… this is the blog page that discussed the issue http://www.gnucitizen.org/blog/firebug-goes-evil

Comment by kongo — April 5, 2007

Thanks for posting this Dion. :)

Comment by Rey Bango — April 5, 2007

/me updates…

How did the article writer know I was a geek?

Comment by Mike Ritchie — April 5, 2007

Wow, that exploit is pretty serious. Once an attacker can control FF chrome from an *extension*, they basically can do whatever they want to the underlying OS. Something about that doesn’t seem quite right.

Comment by Rob Sanheim — April 5, 2007

Time for Firefox to get “Protected Mode”.

Comment by Steven — April 5, 2007

Here is the new vulnerability that caused 1.0.4 to be released, together with some thoughts on Chrome security:

http://larholm.com/2007/04/06/more-0day-in-firebug/

Comment by Thor Larholm — April 6, 2007

Leave a comment

You must be logged in to post a comment.