blob: 840a88b95fac872b2d3bb6d3177a9a7a70a6b160 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
Mozilla has pushed out a Firefox update to patch some security issues which we [mentioned last week][4]. The new update, Firefox 2.0.0.6 comes just two weeks after the last security update.
Firefox 2.0.0.6 fixes a critical vulnerability that would cause the browser to pass on unescaped URIs to external programs, which opened up all sorts of nasty attacks, including a means for hackers to install malware on Windows simply by offering a specially crafted link.
The new update also addresses a less serious vulnerability involving Firefox add-ons.
The update can be [downloaded from the Mozilla servers][1]. The [release notes][3] are available and if you'd like more information on the security issues, the patch information can be found [here][2].
A security advisor sent out to Mozilla's mailing list also lists new version of Thunderbird 2.0.0.6, 1.0.5.13 and SeaMonkey 1.1.4 which all address the same issues.
[1]: http://www.mozilla.com/en-US/firefox/all.html
[2]: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.6
[3]: http://www.mozilla.com/en-US/firefox/2.0.0.6/releasenotes/
[4]: http://blog.wired.com/monkeybites/2007/07/uri-vulnerabili.html "URI Vulnerabilities Continue To Plague Firefox 2"
|
