Typo in the "Mozilla Foundation Security Advisory 2010-52" (Windows XP DLL loading vulnerability)?
To: webmaster@mozila.org
Subject: Typo in the "Mozilla Foundation Security Advisory 2010-52" (Windows XP DLL loading vulnerability)?
Hi,
I think there may be a typo in the "Mozilla Foundation Security Advisory 2010-52" as found here
https://www.mozilla.org/security/announce/2010/mfsa2010-52.html
and
http://www.mozilla.org/security/announce/2010/mfsa2010-52.html
There is a box at the end of the Advisory which begins
"Note: Firefox users on Windows versions earlier than Vista ..."
I think it should be
"Note: Firefox users on Windows Vista and later versions of Windows ..."
Please check with those who have fixed the bug and please update the information. At the moment, the way I read it, the 'box' is saying OPPOSITE to the rest of the Security Advisory.
Thanks
DJ-Leith
PS The E-Mail Address for feedback on the http://www.mozilla.org/security/announce site is not accepting so I have posted here.
Svi odgovori (1)
The Security Advisory has now been corrected.
The 'box', at the end, now says
"Note: Firefox users on Windows Vista or Windows 7 were not vulnerable to this attack because dwmapi.dll is part of the OS in Vista and later versions and the legitimate copy is successfully loaded by Firefox before attempting to load the planted DLL."
Thanks to all involved.
DJ-Leith