So there is a security vulnerability in all Mozilla variants that doesn't exist in IE for Windows XP - the Pandora's Box is officially open. A fix has been provided by the Mozilla organization that blacklists the shell: protocol and can be obtained :here: For those of you who are adept at modifying about:config, the fix involves adding a new preference as contained in the patch for Bug 250180 like so:
pref("network.protocol-handler.external.shell", false);
Windows XP users can read about the Shell Protocol :here:
No comments:
Post a Comment