Mozilla Firefox 184.108.40.206 Released
Saturday July 19th, 2008
Mozilla Firefox 220.127.116.11 was released this week. The stability and security update to Firefox 2 fixes two security bugs, which are detailed in the Firefox 18.104.22.168 section of the Security Advisories for Firefox 2.0 page. Both are rated Critical, the highest of the four ratings.
One flaw is related to how Firefox handles command-line URLs to open multiple tabs and allows an attacker to open potentially malicious URLs in Firefox from another application. One variant of this attack exploits the widely-reported Safari carpet-bombing vulnerability but others also exist. Somewhat ironically, the exploit relies on Firefox not being open at the time of the attack.
The other vulnerability allows an attacker to crash and run arbitrary code on a victim's computer by overflowing a CSS object reference counter. The detailed bug reports for both issues are currently access-restricted to avoid assisting attackers but will be fully opened after users have had some time to install Firefox 22.214.171.124.
Although Firefox 3 was released in June and all users are encouraged to upgrade, Firefox 2 will be maintained with security and stability upgrades until mid-December 2008, according to the Mozilla Developer News weblog, which reported on the release of Firefox 126.96.36.199 on Tuesday. Version 188.8.131.52 is the second Firefox 2 update to be released since the launch of Firefox 3 and follows on from Firefox 184.108.40.206, which fixed twelve security issues.
Existing Firefox 2 users will be offered 220.127.116.11 via the browser's built-in software update feature if enabled. It can also be downloaded from the older Firefox releases page or the Firefox 18.104.22.168 directory on releases.mozilla.org, where it is available in over forty localizations for Windows, Mac OS X and Linux. The Firefox 22.214.171.124 Release Notes contain more general information about the upgrade.
Monday September 22nd, 2008 7:44 AM
You are replying to this message
Did you have IE before Mozilla 2_00_16? If you had, don't be surprised... "Fields"