Author Topic: Mozilla Firefox: Another Day, Another Bug Fix  (Read 784 times)

Offline javajolt

  • Administrator
  • Hero Member
  • *****
  • Posts: 36064
  • Gender: Male
  • I Do Windows
    • windows10newsinfo.com
Mozilla Firefox: Another Day, Another Bug Fix
« on: August 04, 2009, 04:35:51 PM »

Mozilla has issued "security and stability" updates to the Firefox 3.5 and 3.0 open-source browsers that patch several security vulnerabilities, including one disclosed at last week's Black Hat security conference that attackers could exploit to lure users to bogus Web sites.

"We strongly recommend that all Firefox users upgrade to this latest release," said a posting on The Mozilla Blog about the new Firefox 3.5.2 and 3.0.13 releases.

The updates come just a few days after the total number of Firefox downloads surpassed the 1 billion mark. And the Firefox 3.5.2 release comes just two weeks after Mozilla hustled to get Firefox 3.5.1 out the door after the much-anticipated Firefox 3.5.0, which debuted June 30, was found to contain a JavaScript-based memory corruption bug.

Mozilla rated several of the fixed security flaws as "critical," including one patched in Firefox 3.0.13 that compromises the browser's SSL-protected communications. That flaw, first described by Dan Kaminsky of IOActive at the Black Hat conference, could allow a hacker to create a bogus Web page, such as a fake bank site, and trick users into disclosing personal information or accepting software containing malware.

The patches apply to versions of Firefox for Windows, Mac OS X and Linux. Users with Firefox 3.0.x and 3.5.x will receive an automated update notification within 24 to 48 hours, according to the blog posted just after 3:00 PDT Monday. Users can also manually download the updates.

Firefox held a 22.47 percent share of all browsers used during the month of July, according to Net Applications, a Web metrics company. Most of them are believed to be using a version of Firefox 3.0, which is scheduled to fall off Mozilla's support list in January 2010.