Mozilla re-patches Firefox 3.6 to fix plug-in problem
Second time in two months that a just-released update needs a follow-up fix
Computerworld - For the second time in two months, Mozilla on Friday rushed out a fix for Firefox to patch a problem with a browser update issued just days before.
Mozilla shipped Firefox 3.6.8 on Friday to patch a single security problem and deal with what Mike Beltzner, director of Firefox, called "a stability problem that affected some pages with embedded plug-ins."
The company had released Firefox 3.6.7 two days earlier.
Mozilla patched one critical security bug in the newest update, according to an advisory also published Friday. "In certain circumstances, properties in the plug-in instance's parameter array could be freed prematurely, leaving a dangling pointer that the plug-in could execute, potentially calling into attacker-controlled memory," the warning read.
The bug surfaced in one of the 16 patches that Mozilla applied to Firefox earlier in the week.
Details of that vulnerability, and the stability problem that Beltzner mentioned, were not available to the public as of Saturday.
Several Firefox users, however, had filed numerous reports to the browser's support forum of problems with Adobe's Flash Player plug-in after updating to Firefox 3.6.7.
"I updated Firefox from 3.6.2 to 3.6.7 and I REGRET IT!," wrote a user identified only as "Steve" in a support forum message posted Friday morning. "I can't watch YouTube. Every time the video is about to start Firefox freezes and I can't do nothing besides going into Task Manager and killing it from there. THIS SUCKS!"
Friday's patch-and-release was the second in two months for Mozilla. Just three days after updating Firefox to version 3.6.4 in late June, Mozilla delivered another update because people playing Farmville complained that their browser was shutting down the Facebook game. The company said that a new "out of process plug-ins" feature, designed to keep the browser running when a plug-in crashed, was kicking in too quickly.
The older Firefox 3.5 browser, which was upgraded to version 3.5.11 last Tuesday, is not affected by the security bug or the plug-in stability problem.
Users can update to Firefox 3.6.8 by downloading the new edition or by selecting "Check for Updates" from the Help menu in the browser.
- IE6: Retired but not dead yet
- Chrome users won't give up, keep pressing Google to restore old-style new tab page
- Google quashes 31 vulnerabilities, restores Metro mode 'steppers' with Chrome 34
- Firefox's UI face-lift on track for April debut
- Ex-Mozilla engineer blames Microsoft's rules for Metro Firefox's death
- Mozilla patches 20 Firefox flaws, plugs Pwn2Own holes
- Google reverses field, promises to restore Chrome's scrollbar arrows
- Update: Google ships Chrome 33, patches 28 bugs
- Mozilla's top exec defends in-Firefox ads, revenue search
- Mozilla taps in-Firefox ads as it searches for more revenue
Read more about Desktop Apps in Computerworld's Desktop Apps Topic Center.
- Gartner Magic Quadrant for Client Management Tools The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Preparing Your Infrastructure for the Hyperconvergence Era From cloud computing and virtualization to mobility and unified communications, an array of innovative technologies is transforming today's data centers.
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users? All Desktop Apps White Papers | Webcasts