Mozilla fixes Firefox flaws it introduced
The latest update also includes a security fix
Computerworld - Mozilla Corp. late yesterday updated the Firefox browser to patch a single security vulnerability and fix several bugs it unintentionally introduced in earlier versions.
Mozilla currently supports two branches of the open-source application, and the upgrades -- Firefox 126.96.36.199 and Firefox 188.8.131.52 -- are now available, according to the release notes posted on the company's Web site.
Mozilla said that the security flaw, though rated as a low threat, might be used by attackers to run a rudimentary port scan of systems within the same perimeter as the victimized machine. The attacker, however, would have to craft a malicious Web site and host it on an FTP server and then con users into visiting the page.
The main purpose of the update, however, was to fix several "regressions" -- unintended flaws introduced by changes to previous versions. Earlier this month, Mozilla said it was working on a fast-turnaround for 184.108.40.206/220.127.116.11 to correct regressions in the browser's password manager, automatic security certificate authentication feature and other areas.
In related news, it appears that Mozilla will issue one more security update to Firefox 1.5.x before it puts the aging browser out to pasture.
Mozilla announced last year that it would stop issuing security updates for Firefox 1.5 as of April 24. A message from a Mozilla developer posted more than two weeks ago, however, named 18.104.22.168 as one of the two "the next regular security/stability releases."
By Symantec's count, Firefox ended 2006 on an upbeat note for security. It received patches for 40 bugs in the last six months of the year, 26% fewer than the 54 fixes released for rival browser Internet Explorer. So far in 2007, Mozilla has addressed nine bugs in Firefox while Microsoft Corp. has fixed four in IE.
Firefox 22.214.171.124 can be downloaded from the Mozilla Web site in versions for Windows, Mac OS X and Linux in 40 languages. Users can also update the browser using the Check for Updates command in the help menu.
Read more about Security in Computerworld's Security Topic Center.
- The Pivotal Big Data Suite- Reducing the Risks of Big Data The explosion of big data and the rapid evolution of big data tools and technologies is challenging IT to meet the demands of...
- A Survival Guide for Data in the Wild All corporate data used to reside in the data center. Safe and sound behind the corporate firewall. But now, employees have multiple devices...
- Transforming Security: Designing a State-of-the-Art Extended Team The information security mission is no longer about implementing and operating controls.
- The Big Data Security Analytics Era Is Here New security risks and old security challenges often overwhelm legacy security controls and analytical tools.
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!