Just for a change of pace, here is a security flaw that effects a browser other then IE, In this case it’s Mozilla and Firefox.
This is not a critical flaw as such, and in some quarters it’s viewed as a feature.
Its not a flaw that will compromise your machine, or steal your data, but what it can do, is start any application on your computer if you visit a page that uses a link with shell: instead of http:
To find out if your browser is affected, try putting the following into your address bar:
shell:.mp3
Followed by hitting enter of course. If your systems chosen MP3 player starts up, then you have the “feature”.
The fix is pretty simple, go and load an extension that closes up that functionality.
The extension in question can be found at update.mozilla.org
This is not a new issue, its been discussed in the past by developers, it’s actually a feature designed to help Mozilla deal with applications that are part of the system it is running on, but new versions of Firefox and Mozilla will turn it off until you select to turn it on, on a case by case basis.
This only works on win2000 and XP systems, so if you are running 98 or ME, you don’t need to do anything.
Oh, and Linux and Macintosh are totally unaffected by this one as well.
More info is available on Eweek.
regards
Franki