New Firefox protocol abuse problem

Rated Highly Critical by Secunia
Affecting Windows XP SP2 and Server 2003 SP2

"Security researchers have discovered a new set of protocol abuse problems with Mozilla Firefox, warning that the popular open-source browser is a sitting duck for code execution exploits."

http://blogs.zdnet.com/security/?p=402&tag=nl.rSINGLE

"Successful exploitation requires that Internet Explorer 7 is installed on the system."

This affects fully patched Firefox 2.0.0.5, and can be triggered by simply clicking a link.

Temporary workarounds are listed in the article.

 

God , may I go only with this

If I have to adjust my programs so much for every exploit found , I will need to spend 4 hours everyday in front of my computer doing "nothing" .
I think I'll rely on my common sense , as always

 

Always the best "workaround". Would that everyone did the same.

 

This problem is only "highly critical" for people who are not using any process execution blockers (HIPS), and besides FF seems to warn you when an external apps wants to be launched. So I was never really worried about this stuff.