To all those who use Firefox (and why don't you???) The updates continue

The latest issue of SANS @RISK just hit my mail box and outlines a number of vulnerabilities with Firefox browser versions 1.0.2 and prior. Version 1.0.3 is now out and you should update your system to use it as soon as possible.

Mozilla.org - where to download latest version.

---

Another problem exists (as usual) in Microsoft's Explorer (directory browser) where commands coming in on Internet ports 139 and 445 (two ports used by Windows machines to share disk information in a Local Area Network/LAN) can be used to do nasty things to your computer. Virtually all hardware consumer firewall products block these ports by default, and they certainly should not be allowed to come into a private network from untrusted sources (and the rest of the Internet is certainly untrustworthy).

If all you have is a software firewall and you share disk access with others locally you may be vulnerable. You really should have a proper firewall appliance between your computer and your modem (cable, DSL, or even dialup) so... you should have a hardware firewall!