Firefox 出现严重漏洞

详细说明: A vulnerability has been identified in Mozilla Firefox, which could be exploited by attackers to take complete control of an affected system. This issue is caused by a design error within the “Firefox#url://” URI handler which is registered by the application during the installation process on Windows, which could be exploited by remote attackers to pass malicious arguments to “Firefox#url://” and execute arbitrary commands with Chrome privileges by tricking a user into visiting a specially crafted web page using Internet Explorer. 漏洞演示:点击这里 解决方案:

  1. 点击开始的运行,执行“regedt32”命令
  2. 在注册表编辑器中,查找键值”HKEY_CLASSES_ROOT\FirefoxURL”和”HKEY_CLASSES_ROOT\FirefoxHTML”
  3. 鼠标右击删除这两个键值。
comments powered by Disqus