back to article Unsanitary Firefox gets fix for critical HTML-handling hijack flaw

Mozilla has patched a nasty security bug in Firefox, affecting versions 56, 57 and 58, and their point updates. The CVSS-8.8-rated flaw means that if an attacker can get a user to open a malicious document or link, remote code execution becomes a possibility – allowing spyware, ransomware and other nasties to be installed and …

  1. Anonymous Coward
    Anonymous Coward

    Unintended confessions

    "That's not chrome as in Google Chrome, by the way, that's chrome as in a confusingly named component of the Firefox engine."

    Ah, not a web front-end developer? Oh, and never played much with rebuilding cars?

    'chrome' is a part of every browser and desktop application. It's the flashy personality wrapped around the guts, and everybody screams whenever there are changes to such. Don't you read ElReg?

    1. Michael Wojcik Silver badge

      Re: Unintended confessions

      And the only reason there's any confusion (if there is) is that Google are lousy at naming their products. Or they deliberately sow confusion.

  2. Anonymous Coward
    Anonymous Coward

    By Firefox 60 Market-share with be 0.1% sadly

    Mozilla you're stuck in a bubble up your own ass like the rest of the silicon valley... No, we wont accept plans to shows Ads through the Browser etc! Moved to Linux to get away from Win10 Ads shit, not accepting them in FF!

    1. Tigra 07
      Thumb Up

      Re: AC

      With any luck Ublock and Adblock will block Mozilla's Ads.

    2. Sandtitz Silver badge
      Unhappy

      Re: By Firefox 60 Market-share with be 0.1% sadly

      "No, we wont accept plans to shows Ads through the Browser etc!"

      The masses don't care about things like that. If people don't care about their privacy (Chrome has what, 60% share and growing?), they sure won't care about some start screen ads that can be toggled off.

      I can honestly see no way for Firefox to oust Chrome no matter what Mozilla devs do with the browser. Technical superiority doesn't matter, speed advantages etc don't seem to matter when they are fighting against Google.

      Chrome is sideloaded at several download sites along with e.g. free Adobe downloads, FF doesn't have that luxury. People will install FF deliberately if they have had previous contact with it (like I do). A Linux distro may have it preinstalled, but because Linux-On-Desktop is a niche it won't really help FF's share.

      Regarding your outlook on the dwindling market share Firefox has - how would you fix it? If you can pay mobile phone companies to preinstall it, pay for every other sw company to sideinstall and endorse FF and so on. Bidding against Google would be insane since they have infinite money and Google isn't dropping Chrome 'project' any time soon.

      1. Tigra 07

        Re: Sandtitz

        The only surprising thing to me is that the Firefox installer doesn't ask if you would like to install Chrome and set it as default (With the box already ticked).

    3. Pomax

      Re: By Firefox 60 Market-share with be 0.1% sadly

      Cool - looks like you also stopped paying attention to the changes in Firefox since then, eh? FF's ads in the browser was Brandon Eich's baby - who left and started his own browser ("Brave") that does that very thing. FF is better for it.

  3. Sitaram Chamarty

    "chrome"

    > "That's not chrome as in Google Chrome, by the way, that's chrome as in a confusingly named component of the Firefox engine."

    I'm pretty sure the usage of the word Chrome as a name for a component of Firefox predated Google's **confusingly named browser** by a good few **years**.

    1. Orv Silver badge

      Re: "chrome"

      The ironic thing was the early versions of Chrome had *less* chrome than contemporary browsers.

  4. Destroy All Monsters Silver badge
    Holmes

    "Such changes would inoculate Firefox 60 against a similar bug in future."

    Or maybe not.

    It all sounds like there is some kernel of permanent openness to Internet AIDS in there somewhere.

    It could have to do with downloading and executing Turing-complete languages and/or unconstrained input to be parsed by Turing-complete languages from the Interwoops,

    I dunno.

  5. Tigra 07
    Thumb Up

    That image takes me back to school days! Our computers were a little dirtier though. Ahh, the good old days when your storage mediums were huge and couldn't fit an Mp3 on.

    1. Martin an gof Silver badge

      Ahh, the good old days when your storage mediums were huge and couldn't fit an Mp3 on

      Or to put it another way, as I recently realised, just one normal JPEG from my ancient DSLR would need to be split over three 1.6MB 3.5" floppies (I was an Acorn user)

      M.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like