Attention this week turns to Firefox, a popular Web browser being used by over 50 million people, as two security flaws have been revealed that could put users at risk.

	WEEKLY REPORTS Solutions, Prevention & Remedies Top 10 Threats

The first flaw allows a third party to add program extensions to a Firefox user's software, which ordinarily must be done at the Firefox update Web site. The second flaw takes control of Firefox to remotely navigate to previous Web sites. Taken together, an unscrupulous hacker can steal personal and financial information from the user.

The fix to these flaws is contained in Firefox 1.0.4, which users can download and install.

In other Internet security news, Microsoft's May security release includes a service pack for Microsoft .NET and a new version of its malicious software removal tool. There are no general security updates for Windows. Microsoft also has issued a security advisory for Windows Media Player.

---

Worry Watch Plus Online only:
Firefox Protection and Prevention:
Mozilla's Firefox Update -
Anonymizer's Total Privacy Suite
FraudEliminator -

Manually Installing Extensions in Firefox from Mozilla Update
Installing extensions

Most Popular Extensions for Firefox
Popular Firefox extensions

---

Solutions, Prevention & Remedies*: Microsoft's Latest Security Releases
Name	Number	For Users of	Priority
Vulnerability in Web View Could Allow Remote Code Execution	KB894320	Windows 2000*	Important
Windows Malicious Software Removal Tool	KB890830	Windows 2000, XP*
Security Advisory Windows Media Player	KB892313	Windows 2000, XP*
Security Advisory SMTP Tar Pit Feature	KB842851	Windows Server 2003*

Go back

* Reading: Solutions, Prevention & Remedies
Additional summary information related to a specific type of solution or prevention that you should be considering. Depending upon the week, this section may have:
• Recent Windows security releases from Microsoft
• Recent updates to widely used anti-spyware programs
• Recent updates to widely used anti-virus programs
• Recent updates to other security programs & devices (ex: Firewalls, routers)
• Recent updates to various applications in wide use

---

Top 10 Threats:
Name	Type	Affects	Alert Level
Netsky.P MORE	Worm	Windows 95, 98, 2000, ME, NT, XP*	Severe
Mhtredir.gen MORE	Trojan	Windows 95, 98, 2000, ME, NT, XP*	Medium
Shinwow.E MORE	Trojan	Windows 95, 98, 2000, ME, NT, XP*	Medium
Qhost.AF MORE	Trojan	Windows 95, 98, 2000, ME, NT, XP	Low
Sober.V MORE PREVIOUSLY	Worm	Windows 95, 98, 2000, ME, NT, XP*	High
Downloader.BSU MORE	Trojan	Windows 95, 98, 2000, ME, NT, XP*	Medium
ByteVerify MORE	Trojan	Windows 98, 2000, ME, NT, XP	High
Citifraud.A MORE	Trojan	Windows 95, 98, 2000, ME, NT, XP*	High
BotMail.C MORE	Backdoor	Windows 95, 98, 2000, ME, NT, XP	Medium
Sdbot.ftp MORE	Worm	Windows 95, 98, 2000, ME, NT, XP	Medium

Go back

Read: Top Threats
These are viruses that are currently on the watch lists of major anti-virus software companies.

Name
What the threat is called. We use the name given each virus by Panda Software. Sometimes other anti-virus companies give the same threat a different name. Usually they use similar names.

Type
There are different characteristics associated with different types of threats.
• Virus - has the ability to replicate or infect computers or other programs
• Trojan Horse (or Trojan) - appear to be harmless programs when you get them. They unleash their payload when you double-click, open, or execute them.
• Phishing - a Web site or e-maill message posing as another company - usually one you know to fool you into giving the sender personal information.
• Worm - self replicates onto additional disks, computers or networks
• Spyware - installs on your system to collect information about your activity, preferences or interests
• Hoax - false messages sent by e-maill to mislead the recipient
• Backdoors - opens a security hole that allows outsiders to take control of your computer
• Dialer - uses your telephone to dial an outside number - sometimes a number that costs you money when dialed

Affects
Not all viruses affect all types of systems. Some, for example may affect only Windows 98 and 95, but not Windows XP or NT. Others affect all Windows systems, but not Macintosh. In this column, we show you the consumer systems that the threat is known to affect. We don't always include the servers that operate in your company's backroom.

Alert level
The level of awareness that anti-virus vendors suggest you need to have for each threat listed.
For each threat listed, we'll post a corresponding link here, so you can get more information to help you recognize, diagnose, prevent, and repair the problem.