![]() ![]() "By only activating plug-ins that the user desires to load, we're helping eliminate pauses, crashes and other consequences of unwanted plug-ins," said Michael Coates, Mozilla's director of security assurance, in a Jan. The open-source developer also cited stability reasons for the move. Mozilla said the drastic step was needed to safeguard users from "drive-by" attacks, which trigger exploits as soon as a victim visits a malicious or compromised website. Computer Emergency Readiness Team (US-CERT) has recommended that browser users disable the Java plug-in until further notice. Earlier this month, exploits of a critical vulnerability in the Java plug-in were found packaged in several crimeware toolkits, and while Oracle quickly patched the bug, researchers first warned that the fix was itself flawed, then claimed an important Java anti-exploit defense could be circumvented.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |