Mozilla fixes Firefox flaws it introduced
The latest update also includes a security fix
Computerworld - Mozilla Corp. late yesterday updated the Firefox browser to patch a single security vulnerability and fix several bugs it unintentionally introduced in earlier versions.
Mozilla currently supports two branches of the open-source application, and the upgrades -- Firefox 184.108.40.206 and Firefox 220.127.116.11 -- are now available, according to the release notes posted on the company's Web site.
Mozilla said that the security flaw, though rated as a low threat, might be used by attackers to run a rudimentary port scan of systems within the same perimeter as the victimized machine. The attacker, however, would have to craft a malicious Web site and host it on an FTP server and then con users into visiting the page.
The main purpose of the update, however, was to fix several "regressions" -- unintended flaws introduced by changes to previous versions. Earlier this month, Mozilla said it was working on a fast-turnaround for 18.104.22.168/22.214.171.124 to correct regressions in the browser's password manager, automatic security certificate authentication feature and other areas.
In related news, it appears that Mozilla will issue one more security update to Firefox 1.5.x before it puts the aging browser out to pasture.
Mozilla announced last year that it would stop issuing security updates for Firefox 1.5 as of April 24. A message from a Mozilla developer posted more than two weeks ago, however, named 126.96.36.199 as one of the two "the next regular security/stability releases."
By Symantec's count, Firefox ended 2006 on an upbeat note for security. It received patches for 40 bugs in the last six months of the year, 26% fewer than the 54 fixes released for rival browser Internet Explorer. So far in 2007, Mozilla has addressed nine bugs in Firefox while Microsoft Corp. has fixed four in IE.
Firefox 188.8.131.52 can be downloaded from the Mozilla Web site in versions for Windows, Mac OS X and Linux in 40 languages. Users can also update the browser using the Check for Updates command in the help menu.
Read more about Security in Computerworld's Security Topic Center.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts