Mozilla Firefox will protect from MIME Confusion Attacks

Mozilla will add protection from MIME Confusion attacks in Firefox version 50. This is a method that disguises malicious code as popular types of data, such as images, documents, and movies.

Firefox Will Be Well Protected Against These Types of Attacks

Mozilla will offer better protection against cyber security threats in Firefox version 50. The software developers will MIME Confusion attacks migitation, which is proving to be a popular tool among computer criminals. These types of infections pose as ordinary data such as images, movie clips, and documents, but contain Trojans, ransomware, and other malware code.

The way the protection will work is by checking the Content-Type header when accessing files. This technique verifies the MIME type of the file according to the classification.

Unfortunately, not all servers can respond correctly to this type of inspection and so this feature may not work well against all computer threats. Browsers use a method of distinguishing files by using MIME that detects the file type value.

The MIME Confusion attacks can execute XSS or CSRF attacks inside the user browsers. Firefox 50 will employ a “strict context load” approach. This means that if a MIME check fails, then the browser will not load the requested files.

This will not entirely remove the risk of these types of attacks, but it will substantially reduce the number of infected victim hosts.

Was this content helpful?

Avatar

Author : Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.


Related Posts