HotNewNobs
  • NEWS
    • AFRICA
    • POP CULTURE
    • SNEAKERS
  • SONGS
  • MIXTAPES
  • VIDEOS
  • TECHNOLOGY
No Result
View All Result
HotNewNobs
No Result
View All Result

Firefox gets another major security upgrade

Chris by Chris
October 15, 2019
in Technology
0
Firefox gets another major security upgrade
Share on FacebookShare on Twitter

Firefox gets another major security upgrade

Firefox gets another major security upgrade

In a recent blog post on the Mozilla Security Blog, the Firefox-maker revealed the steps it has taken to protect users from code injection attacks by making its browser more secure.

The company has hardened its browser by removing “potentially dangerous artifiacts” from the Firefox codebase, including inline scripts and eval()-like functions, according to the firm’s platform security and privacy engineer Christoph Kerschbaumer.

Also See:

  • Eminem Confronts Home Intruder that slipped past his…
  • George Floyd's Killer Derek Chauvin, Moved To…
  • CS:GO ELeague Major pools and tournament schedule announced

Inline scripts were removed in an effort to improve the protection of Firefox’s ‘about’ protocol which is often referred to as about: pages. These about: pages allow users to do things such as display network information, view how their browser is configured and see which plug-ins they’ve installed.

However, since these about: pages are written in HTML and JavaScript, they employ the same security used by web pages, which are also vulnerable to code injection attacks. For instance, an attacker could inject code into an about:page and use it to change configuration settings in Firefox.

Code injection attacks
To help protect Firefox users against code injection attacks, Mozilla decided to rewrite all of its inline event handlers and to move all inline JavaScript code for all 45 of its about: pages to “packaged files”. The company also set a strong Content Security Policy to make sure that any injected JavaScript code is unable to execute.

Kerschbaumer explained how this new measure can help protect against code injection attacks, saying:

“Instead JavaScript code only executes when loaded from a packaged resource using the internal chrome: protocol. Not allowing any inline script in any of the about: pages limits the attack surface of arbitrary code execution and hence provides a strong first line of defense against code injection attacks.”

Additionally, Mozilla has warned developers against using the eval() function which it described as a “dangerous function, which executes the code it’s passed with the privileges of the caller”. By rewriting all eval()-like functions, the company has reduced the attack surface in Firefox further.

Via ZDNet

Tags: Firefoxsecurity upgradeUpgrade
Previous Post

How IT businesses can offer cybersecurity

Next Post

Cash Money Announces ‘She Ball’ Film Starring Nick Cannon, Chris Brown and More

Related Posts

Microsoft's Bid To Purchase TikTok Is Rejected
Technology

Microsoft’s Bid To Purchase TikTok Is Rejected

September 14, 2020
Sony Confirms Date For PS5 Showcase
Technology

Sony Officially Confirms Date For PS5 Showcase

September 14, 2020
TikTok Announces First Music Distribution
News

TikTok Announces First Music Distribution Deal with UnitedMasters

August 17, 2020
TikTok May Be Getting Banned In The U.S.
Technology

TikTok and Other Chinese app May Be Getting Banned In The U.S.

July 7, 2020
NASA Discover Evidence Of A Parallel Universe
Technology

NASA Discover Evidence Of A Parallel Universe

May 20, 2020
Google And Apple Team Up To Build COVID-19 Mobile App For Android and IOS
Technology

Google And Apple Team Up To Build COVID-19 Mobile App For Android and IOS

April 11, 2020
Next Post

Cash Money Announces 'She Ball' Film Starring Nick Cannon, Chris Brown and More

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent News

Godzilla vs. Kong trailer

Watch the jaw dropping Godzilla vs. Kong official Movie Trailer

January 25, 2021
6ix9ine Cleared Of "Strong-Armed Robbery" Accusation

6ix9ine Reportedly Cleared Of “Strong-Armed Robbery” Accusation In Miami

January 20, 2021
Drake Sets New Historic Spotify Streaming Record

Drake Sets New Historic Spotify Streaming Record

January 18, 2021
Gunna Gets His Niece A New Car

Rapper Gunna Gets His Niece A New Car

January 17, 2021
Rico Nasty Pew Pew

Rico Nasty Shares New Song Pew Pew

January 17, 2021
  • Home
  • Life Style
  • Contact Us
  • About

© 2020 HotNewNobs. All Right Reserved.

No Result
View All Result
  • NEWS
    • AFRICA
    • POP CULTURE
    • SNEAKERS
  • SONGS
  • MIXTAPES
  • VIDEOS
  • TECHNOLOGY

© 2020 HotNewNobs. All Right Reserved.