On Tue, 2005-05-10 at 18:47 -0400, [KS] wrote: > Here is the official security advisory link from mozilla.org > http://www.mozilla.org/security/announce/mfsa2005-42.html > > You should be fine as long as you haven't added any website to the > whitelist to install software except the official update website. > > /KS >
Not so. From the "Workaround" section of the advisory: "4. Click the "Remove All Sites" button" The problem is that any site can install software as long as there is at least a single site on the whitelist. You are vulnerable until you clear the whitelist completely. dB -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
