Quote:
|
Originally Posted by thatmariolover
Hey hey. I don't know what else 0.9.2 added, but the security vulnerability you're talking about can also be fixed with this extension:
http://update.mozilla.org/extensions...id=154&vid=263
So, there may be no need to update at all, just install the extension and you'll be as safe as anybody else. |
This link has the first two options of updating:
http://www.mozilla.org/security/shell.html
I didn't say you needed to install a new build as in 0.9.2 to fix this. There are three options to fixing this:
1. The new 0.9.2 build
2. ShellBlock 1.0 extension (which is really not a extension depsite the .xpi but a small patch of code so it fixed it for all Firefox profiles)
3. changing the pref in about
:config as I posted in first post. ( only for the Firefox profile you were using at time)
Quote:
|
Originally Posted by Seven7
http://www.mozilla.org/security/shell.html
The third alternative is to set the pref network.protocol-handler.external.shell in about:config to false to remove the exploit. (This will only set it on your current profile, if you have more than one profile, or could be creating more, you should use the XPI or the updated build.)
|
Besides right now I am safe compared to the Firefox users on Windows as I am using Firefox on linux.
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20040707 Firefox/0.9.0+ (don't let the 0.9.0+ fool you as it is much more updated then 0.9.1 or 0.9.2)