Thursday, 13 November 2008 08:18

More critical holes plugged by Firefox updates

By
New updates to Firefox 2.0 and 3.0 include fixes for multiple security vulnerabilities, some of them regarded as critical. Users are advised to install the updates "as soon as possible."

The previous update to the popular open source browser for Windows, Linux and Mac OS X appeared in late September and also delivered critical security updates.

Firefox 3.0.4 fixes multiple bugs that the developers say could potentially be exploited to run arbitrary code, a bug in the session restore feature that could be exploited in cross site scripting attacks or to escalate JavaScript privileges, and bugs in HTTP index response parsing and DOM construction that can be used to cause the execution of arbitrary code.

Two high, two moderate and one low impact security issues are also fixed by the release.

Other bug fixes address problems relating to stored passwords and saving proxy settings.

Additional changes include miscellaneous stability improvements, an updated version of the Public Suffix list, and support for additional EV (Extended Validation) root certificates.

Icelandic and Thai are now officially supported, with beta support for Bulgarian, Esperanto, Estonian, Latvian, Occitan and Welsh. A user interface issue relating to Japanese, Korean, Chinese and Indic has also been fixed.

Firefox 2.0.18 is a security update only, as Firefox 2 is no longer being developed and support is scheduled to end next month.

It fixes six critical issues, along with three high, one moderate and one low impact vulnerabilities. Some of the fixes are common to Firefox 2 and 3.

The updates can be obtained by using Firefox's built-in updating mechanism, or by downloading new versions of the browser from www.getfirefox.com


BACK TO HOME PAGE

NEW OFFER - ITWIRE LAUNCHES PROMOTIONAL NEWS & CONTENT

Recently iTWire remodelled and relaunched how we approach "Sponsored Content" and this is now referred to as "Promotional News and Content”.

This repositioning of our promotional stories has come about due to customer focus groups and their feedback from PR firms, bloggers and advertising firms.

Your Promotional story will be prominently displayed on the Home Page.

We will also provide you with a second post that will be displayed on every page on the right hand side for at least 6 weeks and also it will appear for 4 weeks in the newsletter every day that goes to 75,000 readers twice daily.

POST YOUR NEWS ON ITWIRE NOW!

talentCRU FREE WEBINAR INVITE - Cybersecurity in COVID-19 times and beyond

With the mass transition to remote working, our businesses are becoming highly dependent on the Internet.

So, it’s no surprise that we’ve seen an increase in cyberattacks.

However, what’s more concerning is that just 51% of technology professionals are highly confident that their cybersecurity teams are able to detect and respond to these threats.

Join us for this free online roundtable where our experts discuss key cybersecurity issues IT leaders are facing during the pandemic, and the challenges that will likely emerge in the coming years.

JOIN WEBINAR!

BACK TO HOME PAGE
Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

BACK TO HOME PAGE

VENDOR NEWS & WEBINARS

REVIEWS

Recent Comments