Firefox remains vulnerable to attacks exploiting protocol-handling bugs, even though it was patched twice in July, a pair of security researchers said this weekend. Billy Rios and Nate McFeters, who spelled out design and functionality vulnerabilities in Windows" Uniform Resource Identifier (URI) protocol handling as recently as mid-August, said Saturday that they have uncovered another way hackers could send malicious code to users via browsers.
"Once again, these URI payloads can be passed by the mailto, nntp, news, and snews URIs, allowing us to pass the payload without any user interaction," claimed Rios in a posting to his blog. "Although the conditions which allowed for remote command execution in Firefox 2.0.0.5 have been addressed with a security patch, the underlying file type handling issues which are truly the heart of the issue have NOT been addressed," he added.