RSS FeedApplications
Mozilla patches six Firefox bugs

Mozilla patches six Firefox bugs

Third time Mozilla has updated Firefox in 2007

By | Published 10:27,

Mozilla has patched its flagship Firefox browser with fixes for six vulnerabilities, one of which was stamped "critical" by the open source developer.

This was the third time Mozilla has updated Firefox in 2007. The updates bring the current browser to Version 2.0.0.4, and the 2005 edition to 1.5.0.12.

Also in this channel
Related Articles

 

Virtualisation, Big Data and BYOD

Check out our Business IT Hub for opinions and briefings. Read more

The most comprehensive patch - MFSA 2007-12 - fixed 30 separate memory corruption bugs in Firefox's browser layout and JavaScript engines. Even Mozilla seemed unsure of their impact. "Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code," an advisory notice said.

Mozilla warned that the Thunderbird and SeaMonkey email software, which shares Firefox's layout engine, may be vulnerable to the bugs as well. The developers recommend that users do not enable JavaScript in Thunderbird or the mail portion of SeaMonkey.

The updates also fix a pop-up bug that could be used to mask parts of the browser, such as the address bar; a cross-site scripting vulnerability; a problem with how the browsers handle cookies; and a flaw that could let attackers crash Firefox using its auto complete feature.

Firefox 2.0.0.4 can be downloaded from the Mozilla web site for Windows, Mac OS X and Linux. Firefox 1.5.0.12 is available from a different page. Current users can also update using the Check for Updates command in the help menu.

Mozilla also reiterated that the patches would be Firefox 1.5's last, and said that an update to Firefox 2.0.0.4 would be offered to its users "over the coming weeks".

Although Firefox ended 2006 upbeat according to Symantec – the anti-virus vendor tallied 40 patches in the last six months of the year, 26% fewer than the 54 released for rival browser Internet Explorer - so far this year, Mozilla has addressed more than twice as many vulnerabilities as Internet Explorer. In the first five months of 2007, 22 bugs in Firefox have been patched, 9 of which were pegged as critical. Microsoft has fixed only 8 in Internet Explorer 7 were labelled critical.

Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

HP Business Answers

Join the discussion today

The HP Business Answers group is a vibrant community of small and medium sized business owners and employees. HP provides independent and expert advice in fields such as design, branding, taxation, technology, marketing or manufacturing so join today to network with over 6500 like-minded professionals.

Join the HP Business Answers Linkedin Community

Read the most recent discussions

Read more at the HP Business Answers Linkedin Community

ComputerWorldUK Resources

ComputerworldUK
Share
x
Open
* *