Firefox 104 — as well as Firefox ESR 91.13 and 102.2 — patches a high-severity address bar spoofing issue related to XSLT error handling. The flaw, tracked as CVE-2022-38472, could be exploited for phishing. The latest Firefox release also resolves CVE-2022-38473, an issue related to cross-origin XSLT documents that could pose security and privacy risks. […]
Posts Tagged ‘Mozilla’
February 2022 Patch Tuesday was an anomaly. Not only did we see record low numbers of vulnerabilities addressed across all of Microsoft’s operating systems, but we also saw for the first time in my experience that all the updates were only rated Important. After the reissuing of updates in January, we expected fewer CVEs would […]
Starting with Firefox 93, the browser blocks insecure HTTP downloads on encrypted (HTTPS) pages, to keep users safe from potentially unwanted or even malicious downloads. Given that data transmitted over HTTP isn’t protected, attackers able to intercept that data could not only view it, but also tamper with it. Thus, attackers could potentially replace files […]
Category Privacy protectionSecurity
0 Comments
THURSDAY, APRIL 25, 2024
WHITE PAPERS
Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...
ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...
Latest Comments