* Posts by Ivan Jones

1 publicly visible post • joined 26 Jul 2007

Zero-day security flaw leaves Firefox wide open

Ivan Jones

A simple solution

Want a simple, generic solution to this problem?

NEVER browse the Internet under Windows with anything more than basic user privileges, especially when logged in with Admin proviledges. Targeting just the specific processes of high risk applications such as IE and Firefox so that they run under the security-equvalent of a limited user will SIGNIFICANTLY reduce the attack surface for all kinds of (un)known exploits, including this one.

For more info, see the blog by Michael Howard. http://blogs.msdn.com/michael_howard/archive/2005/01/31/363985.aspx

The principle applies to any Internet-enabled application including IE, Firefox, Acrobat, Media Player, Quicktime, ITunes etc. The joy is that even with this added level of protection, you can still be logged on as an administrator and perform other tasks as normal.