Mozilla nixes Firefox 11 delay, will launch upgrade today
Says concern over last week's Pwn2Own bug unwarranted because it was already patched
Computerworld - Mozilla on Monday announced it was postponing the release of Firefox 11, but changed its mind today, saying that the browser upgrade would go out on schedule.
Yesterday, Johnathan Nightingale, senior director of Firefox engineering, said Mozilla was delaying Firefox 11's launch to examine a bug unveiled at last week's Pwn2Own hacking contest and to give developers time to scrutinize Microsoft's security updates, set to release today at approximately 1 p.m. ET.
On the last day of Pwn2Own, a two-man team -- Vincenzo Iozzo and Willem Pinckaers -- exploited a Firefox vulnerability to take the contest's $30,000 second-place prize.
ZDI, which sponsored the Pwn2Own hacking contest that ran March 7-9, reported vulnerabilities used at the event to vendors yesterday.
Originally, Nightingale said that the delay would be "a day or two." Today, he updated his post to a Mozilla blog confirming that the upgrade would go out after all.
"The security bug reported by ZDI is one we had already identified and fixed through our internal processes," said Nightingale. "This eliminates the need for us to delay this week's releases, and we will be shipping them later today."
As for today's Windows security updates -- which Nightingale acknowledged had "interacted badly with our updates before" -- Mozilla was taking a different tack.
"In order to understand the impacts of Microsoft's 'Patch Tuesday' fixes, we will initially release Firefox for manual updates only," Nightingale said today. "Once those impacts are understood, we'll push automatic updates out to all of our users."
Firefox 11 will include the usual security patches, as well as a few new features noticeable to users, such as synchronizing add-ons across all Firefox-equipped machines.
When Mozilla releases Firefox 11, it will be available for downloading from the company's website.
As of 12:30 p.m. ET, Mozilla had not pushed Firefox 11 to its download page, or offered the upgrade to users who manually requested the update.
To trigger the update, Windows users should select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox." Meanwhile, Mac users must choose "About Firefox" from the Firefox menu.
Once Mozilla starts its automatic update process, people already running Firefox will be offered the upgrade through the browser's maintenance mechanism.
Also scheduled to launch today is the next security update to Firefox 3.6, the two-year-old browser that will be retired from support next month.
Pwn2Own was not the only hacking event held last week: At the same time and at the same security conference, Google hosted its inaugural Pwnium challenge where it solicited vulnerabilities and exploits for Chrome. Google paid out $120,000 to two researchers who demonstrated exploits of Chrome and its integrated sandbox.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His email address is firstname.lastname@example.org.
- Google reverses field, promises to restore Chrome's scrollbar arrows
- Update: Google ships Chrome 33, patches 28 bugs
- Mozilla's top exec defends in-Firefox ads, revenue search
- Mozilla taps in-Firefox ads as it searches for more revenue
- Mozilla ships Metro Firefox beta for Windows 8
- Mozilla defers Firefox's new 'Australis' UI to April
- Mozilla resets Metro Firefox ship date to mid-March
- Mozilla ships Firefox 26 with opening click-to-play move
- Mozilla banked $274M in '12 from Google-Firefox search deal
- Google trumpets Chrome's SPDY gains
Read more about Desktop Apps in Computerworld's Desktop Apps Topic Center.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Accelerating Network Convergence in Virtualized and Cloud Data Centers Adopting a converged networking strategy enables organizations to traffic server and storage I/O workloads on consolidated data throughput channels. Intelligent software helps optimize...
- Omnichannel: From Buzzword to Strategy Customers demand a seamless experience across channels, especially mobile. Read this whitepaper for a research-based framework for using omnichannel for higher customer engagement.
- How 10GbE Network is the Backbone of the Virtual Data Center The shift to a virtual data center has put tremendous strain on legacy networks; driving the need for more speed, lower latency, more...
- 10GbE in the Data Center Improvements in 10GbE technology, lower pricing, and improved performance make 10GbE for the mid-market a viable and cost-effective strategy. This white paper discusses...
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Desktop Apps White Papers | Webcasts