Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

Learn More

话题已存档。 如果需要帮助请提出新问题。

Typo in the "Mozilla Foundation Security Advisory 2010-52" (Windows XP DLL loading vulnerability)?

  • 1 个回答
  • 1 人有此问题
  • 9 次查看
  • 最后回复者为 DJ-Leith

DJ-Leith
DJ-Leith
more options

To: webmaster@mozila.org

Subject: Typo in the "Mozilla Foundation Security Advisory 2010-52" (Windows XP DLL loading vulnerability)?

Hi,

I think there may be a typo in the "Mozilla Foundation Security Advisory 2010-52" as found here


https://www.mozilla.org/security/announce/2010/mfsa2010-52.html and http://www.mozilla.org/security/announce/2010/mfsa2010-52.html

There is a box at the end of the Advisory which begins

"Note: Firefox users on Windows versions earlier than Vista ..."

I think it should be

"Note: Firefox users on Windows Vista and later versions of Windows ..."

Please check with those who have fixed the bug and please update the information. At the moment, the way I read it, the 'box' is saying OPPOSITE to the rest of the Security Advisory.

Thanks

DJ-Leith

PS The E-Mail Address for feedback on the http://www.mozilla.org/security/announce site is not accepting so I have posted here.

To: webmaster@mozila.org Subject: Typo in the "Mozilla Foundation Security Advisory 2010-52" (Windows XP DLL loading vulnerability)? Hi, I think there may be a typo in the "Mozilla Foundation Security Advisory 2010-52" as found here https://www.mozilla.org/security/announce/2010/mfsa2010-52.html and http://www.mozilla.org/security/announce/2010/mfsa2010-52.html There is a box at the end of the Advisory which begins "Note: Firefox users on Windows versions earlier than Vista ..." I think it should be "Note: Firefox users on Windows Vista and later versions of Windows ..." Please check with those who have fixed the bug and please update the information. At the moment, the way I read it, the 'box' is saying OPPOSITE to the rest of the Security Advisory. Thanks DJ-Leith PS The E-Mail Address for feedback on the http://www.mozilla.org/security/announce site is not accepting so I have posted here.

所有回复 (1)

DJ-Leith
DJ-Leith 提问者
more options

The Security Advisory has now been corrected.

The 'box', at the end, now says

"Note: Firefox users on Windows Vista or Windows 7 were not vulnerable to this attack because dwmapi.dll is part of the OS in Vista and later versions and the legitimate copy is successfully loaded by Firefox before attempting to load the planted DLL."

Thanks to all involved.

DJ-Leith