Mozilla fixes Firefox flaws it introduced
The latest update also includes a security fix
Computerworld - Mozilla Corp. late yesterday updated the Firefox browser to patch a single security vulnerability and fix several bugs it unintentionally introduced in earlier versions.
Mozilla currently supports two branches of the open-source application, and the upgrades -- Firefox 22.214.171.124 and Firefox 126.96.36.199 -- are now available, according to the release notes posted on the company's Web site.
Mozilla said that the security flaw, though rated as a low threat, might be used by attackers to run a rudimentary port scan of systems within the same perimeter as the victimized machine. The attacker, however, would have to craft a malicious Web site and host it on an FTP server and then con users into visiting the page.
The main purpose of the update, however, was to fix several "regressions" -- unintended flaws introduced by changes to previous versions. Earlier this month, Mozilla said it was working on a fast-turnaround for 188.8.131.52/184.108.40.206 to correct regressions in the browser's password manager, automatic security certificate authentication feature and other areas.
In related news, it appears that Mozilla will issue one more security update to Firefox 1.5.x before it puts the aging browser out to pasture.
Mozilla announced last year that it would stop issuing security updates for Firefox 1.5 as of April 24. A message from a Mozilla developer posted more than two weeks ago, however, named 220.127.116.11 as one of the two "the next regular security/stability releases."
By Symantec's count, Firefox ended 2006 on an upbeat note for security. It received patches for 40 bugs in the last six months of the year, 26% fewer than the 54 fixes released for rival browser Internet Explorer. So far in 2007, Mozilla has addressed nine bugs in Firefox while Microsoft Corp. has fixed four in IE.
Firefox 18.104.22.168 can be downloaded from the Mozilla Web site in versions for Windows, Mac OS X and Linux in 40 languages. Users can also update the browser using the Check for Updates command in the help menu.
Read more about Security in Computerworld's Security Topic Center.
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- The Truth About Cloud Security "Security" is the number one issue holding business leaders back from the cloud. But does the reality match the perception?
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!