In association with heise online

19 October 2007, 10:47

New update for Firefox web browser

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

While work on Firefox 3.0 continues, the developers at the Mozilla Foundation have released a new update for the 2.x series of its open-source web browser. Firefox is already available in several languages for Windows, Mac OS X, and Linux. The new version is also being gradually distributed via the browser's automatic update function.

According to the developers, Firefox is also compatible with Apple's forthcoming Leopard operating system (Mac OS X 10.5). However, they say there are still some known problems that could detrimentally affect the functioning of the Web browser under the forthcoming operating system, including trouble with a few media plug-ins.

In addition to providing compatibility with Mac OS X 10.5, the developers have patched eight vulnerabilities in Firefox, two of which are considered critical. The first bug causes systems to crash and may allow attackers to inject arbitrary code. The second flaw could allow attackers to execute arbitrary JavaScript code with the rights of the local user.

Furthermore, the programmers of Firefox have included another fix to get around the vulnerability stemming from the handling of URIs in Windows. While Microsoft has promised a patch for Windows to remedy the vulnerability that can be exploited when other programs are called, there is still no sign of its release; to make matters worse, the unofficial URI patch has its own flaws.

Several of the vulnerabilities also affect the Thunderbird e-mail client and the Seamonkey Web suite. The upcoming versions of Thunderbird and Seamonkey 1.1.5 have not, however, been released yet although the bug fixes for Sea monkey have at least been described.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit