Firefox 出现严重漏洞

详细说明:
A vulnerability has been identified in Mozilla Firefox, which could be exploited by attackers to take complete control of an affected system. This issue is caused by a design error within the “FirefoxURL://” URI handler which is registered by the application during the installation process on Windows, which could be exploited by remote attackers to pass malicious arguments to “FirefoxURL://” and execute arbitrary commands with Chrome privileges by tricking a user into visiting a specially crafted web page using Internet Explorer.

漏洞演示:点击这里

解决方案:

  1. 点击开始的运行,执行“regedt32”命令
  2. 在注册表编辑器中,查找键值”HKEY_CLASSES_ROOT\FirefoxURL“和”HKEY_CLASSES_ROOT\FirefoxHTML
  3. 鼠标右击删除这两个键值。

发表评论