Fluffy
Vote Stewart/Colbert in '08!
Forwarded from collegaes of mine:
----------------------------------------------------------------------------------------------------------
All locations: Feb. 3, 2006
ACTION: Critical vulnerabilities in Mozilla, Firefox, and Thunderbird
software
Several critical vulnerabilities have been identified within Firefox,
Thunderbird, and Mozilla software. These vulnerabilities, if exploited, can
lead to malicious software being run on affected computers.
AFFECTED SOFTWARE: To address these risks, it was determined that
the following versions represent unacceptable risk to network.
Firefox 1.5 and earlier (including versions 1.0.x)
Thunderbird 1.5 and earlier
Mozilla 1.7.x and earlier
ACTION: Systems with affected versions of these products must be remediated
as soon as possible, but not later than Feb. 17, 2006. The vendor has
addressed these issues in Firefox by providing a software update. Currently,
we are not aware of any vendor-supplied patches for Thunderbird and Mozilla.
Instead, take the action as described below to mitigate these issues. It is
likely that the vendor will provide updates to this software, but no
timeframe has been provided.
Firefox: Users with Firefox installed on their systems must upgrade to
version 1.5.0.1: http://www.mozilla.com/firefox/
Thunderbird: Users with Thunderbird installed on their systems must disable
java script:
1. Open the Tools menu and choose Options.
2. Under the Advanced category, go to Privacy Group.
3. Enable JavaScript in mail messages: Clear this checkbox to turn
JavaScript off.
Mozilla: Users with Mozilla installed must disable java script:
1. Open the Edit menu and choose Preferences.
2. Under the Advanced category, click Scripts & Plug-ins.
3. Enable JavaScript for: Clear these checkboxes to turn JavaScript off:
* Navigator: Toggles JavaScript for Web pages opened in Navigator.
* Mail & Newsgroups: Toggles JavaScript for web pages opened in Mail &
Newsgroups.
----------------------------------------------------------------------------------------------------------
All locations: Feb. 3, 2006
ACTION: Critical vulnerabilities in Mozilla, Firefox, and Thunderbird
software
Several critical vulnerabilities have been identified within Firefox,
Thunderbird, and Mozilla software. These vulnerabilities, if exploited, can
lead to malicious software being run on affected computers.
AFFECTED SOFTWARE: To address these risks, it was determined that
the following versions represent unacceptable risk to network.
Firefox 1.5 and earlier (including versions 1.0.x)
Thunderbird 1.5 and earlier
Mozilla 1.7.x and earlier
ACTION: Systems with affected versions of these products must be remediated
as soon as possible, but not later than Feb. 17, 2006. The vendor has
addressed these issues in Firefox by providing a software update. Currently,
we are not aware of any vendor-supplied patches for Thunderbird and Mozilla.
Instead, take the action as described below to mitigate these issues. It is
likely that the vendor will provide updates to this software, but no
timeframe has been provided.
Firefox: Users with Firefox installed on their systems must upgrade to
version 1.5.0.1: http://www.mozilla.com/firefox/
Thunderbird: Users with Thunderbird installed on their systems must disable
java script:
1. Open the Tools menu and choose Options.
2. Under the Advanced category, go to Privacy Group.
3. Enable JavaScript in mail messages: Clear this checkbox to turn
JavaScript off.
Mozilla: Users with Mozilla installed must disable java script:
1. Open the Edit menu and choose Preferences.
2. Under the Advanced category, click Scripts & Plug-ins.
3. Enable JavaScript for: Clear these checkboxes to turn JavaScript off:
* Navigator: Toggles JavaScript for Web pages opened in Navigator.
* Mail & Newsgroups: Toggles JavaScript for web pages opened in Mail &
Newsgroups.
