p2pnet.net News:- Mozilla has hired an ex-Microsoft security strategist, says The Register, continuing:
"Window Snyder (sic), Mozilla's new Chief Security Something, an unusual job description but one not out of keeping for an organisation that used to to be run by someone who rejoiced under the title of Chief Lizard Wrangler, has pledged to trim redundant code in a bid to bolster security."
Snyder founded security consultancy @stake before joining Bill and the Boyz, "where she was involved in signing off the code for Windows XP SP2 and Windows Server 2003, before leaving to found Matasano Security," says the story.
Meanwhile, the newly released, and latest, version of Firefox fixes at least seven security holes, including at least four flaws that attackers could use to install software on vulnerable computers, says The Washington Post, continuing:
"Firefox version 1.5.0.7 patches several serious security vulnerabilities, including a potential threat to the security of the browser's automatic update functionality, as well as one demonstrated last month that could allow bad guys to fool the browser into accepting perfectly forged digital certificates of the sort typically used to verify the authenticity of a secure Web site or digitally signed e-mail."
If you're using any version of Firefox 1.5, the browser should already automatically downloaded and install the update, but if you're using an older Firefox, "it's time to uninstall the old version (might want to back up that profile first) and upgrade to the latest version," suggests the Post.
p2pnet
