Mozilla has now updated Firefox to 2.0.0.4 and released to the general public. This update includes security fixes, stability improvements and enhancement to Firefox's ability to block popups.
Users have already begun to see the upgrades right from on Wednesday, May 30th. We upgraded our browser on 30th only..
[ Download Firefox 2.0.0.4 ]
Google adsense is doing a lot of changes. Lots of new types of displaying ads. We were amazed to see some real cool ad some days ago.. We searched for scholarship and got this ad on the right side on the search engine page.
Check out these screenshots :
It showed some phone icon on the ad, we just clicked it. The image 2nd was the thing which showed up. Surprisingly Google says " Google can call your phone now and connect you to this company. " Connect for free ". Wow..this is something seen for the first time .
Third party extensions including the widely used toolbars from Google, Yahoo, Ask, Facebook, LinkedIn, as well as social bookmark extension from Del.icio.us and two anti-hacking add-ons, the Netcraft Anti-Phishing Toolbar and the PhishTank SiteChecker all put users at risk of having their browser infected with malicious code.
Unlike almost all of the extensions hosted at Mozilla, the foundation that created the open-source Firefox browser, these commercial extensions check for updates from servers controlled by their respective corporate overlords. And they fail to check for extensions from servers with SSL certificates, which most users know as sites that start with https://.
one security extension, the McAfee SiteAdvisor add-on that warns users when they are about to visit a site known to host untrustworthy downloads or malicious code, correctly uses an https:// extension for updates.
UPDATE: Reader Johnny writes in the comments that the SiteAdvisor add-on is actually not safe:
Unlike the research suggests, McAfee SiteAdvisor is actually worse than any of these other major extensions. It periodically downloads completely unauthenticated code from McAfee's server, which it then executes with the same privileges as your browser.
Not only does this backdoor allow McAfee to do whatever they please with your computer, but a hacker can run any malicious code on your system without you ever noticing by simply spoofing the URL http://www.siteadvisor.com/download/safe/safe.js
More on the vulnerability from Ryan Naraine and Brian Krebs.