Microsoft released a Patch for a new Font-Driver-Vulnerability for all Windows Versions.
https://technet.microsoft.com/de-de/lib ... y/ms15-078
Noscript blocks special fonts by default, does it protects against this attack? Is firefox even affected?
Thanks
Does Noscript protects against the new Windows-Vulnerability
-
Guest
Does Noscript protects against the new Windows-Vulnerability
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0
Re: Does Noscript protects against the new Windows-Vulnerabi
Seems the Adobe Type Manager Font Driver (ATMFD.DLL) is where the vulnerability lies, & where I'm looking in Mozilla (assuming I know where to look & what I'm looking at - don't bet on it!) I'm not seeing where atmfd.dll is loaded into any Mozilla process space, so I'll assume that Mozilla browsers would be unaffected, in general.
(Now if you used something like "IE Tab"...)
But then I'm not seeing where IE (IE8, XP) is loading it either?
So maybe, who knows? Maybe it doesn't load until needed or something like that?
In any case, regardless of whether NoScript helps in this situation or not, seemingly you will be safer, in general, when blocking fonts in NoScript.
(Now if you used something like "IE Tab"...)
But then I'm not seeing where IE (IE8, XP) is loading it either?
So maybe, who knows? Maybe it doesn't load until needed or something like that?
In any case, regardless of whether NoScript helps in this situation or not, seemingly you will be safer, in general, when blocking fonts in NoScript.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 5.1; rv:36.0) Gecko/20100101 SeaMonkey/2.33.1