Skip to comments.Mozilla Update Fixes Firefox, Thunderbird Security Flaws
Posted on 02/23/2007 5:41:39 PM PST by holymoly
Mozilla Corp. has released an update to its Firefox browser, fixing a number of security flaws in the product.
The Firefox 18.104.22.168 release includes a fix for a bug disclosed by security researcher Michal Zalewsky last week. That flaw can be exploited by attackers to manipulate cookie information in the Firefox browser, making it probably the most important fix in the update, according to Window Snyder, Mozillas head of security strategy.
"The potential to compromise a users account is almost as serious as compromising their machine," she said Friday via instant message. "Since the details of how to exploit the vulnerability are publicly available the risk to users is increased."
The updates also include a fix for a previously undisclosed memory corruption flaw in the browser that could be exploited to run unauthorized software on a Firefox users computer.
The patches were released on Friday afternoon and should soon be delivered via Firefoxs automatic software update mechanism, Snyder said.
Mozilla has patched a total of seven Firefox bugs and is also addressing two bugs in Thunderbird.
The latest browser release also includes enhancements to make it run better with Windows Vista as well as support for the Afrikaans, Belarusian, Georgian and Kurdish languages.
My Firefox just updated so it's available now.
Mine updated earlier this evening.
Thanks, just got mine.
Got mine an hour ago.
I updated my Firefox and it downloaded 22.214.171.124, not version 2.0.
Do I need to uninstall 1.5 and reinstall 2.0?
That strikes me as odd.
I can't imagine there would be anything wrong with un-installing 1.5, and re-installing 126.96.36.199.
Just to be safe, you may first want to visit the Firefox Web Forum, and ask there.
I'm running 2.0 and it hasn't updated autoamatically either...
One of my systems updated and restarted with 2.0 just fine.
My main system did not update automatically, and was running Firefox 1.5.0.09.
I hit the Update button and it upgraded to 188.8.131.52, not 2.0.
No direct answers that I saw quickly on the Mozilla forums, so I uninstalled and jumped to majorgeeks.com for a fresh install.
Mozilla is keeping parallel versions of Firefox updated for the time being. Version 1.5.0 and Version 2.0.0 will both receive the security patch. However, after April 24, 2007, only version 2.0.0 will be updated. So you're set until then.
See the page linked below (BTW it hasn't yet been revised to show today's release).
Jeez, I don't know. I never use auto update.
So did you upgrade to Version 184.108.40.206 then??
Auto-update should work on both versions. Make sure it is turned on. In version 1.5 go to Tools, Options, Advanced, Updates and check the appropriate boxes. It may however, be set on some sort of a clock that checks once a day when your browser is open, for example.
you need to download the mozbackup utility and run it.
This will save all of your bookmarks, passwords, extensions, and all the other addons and stuff you've customized to your FF 1.5.x installation. http://mozbackup.jasnapaka.com/download.php
You can then donload FF 220.127.116.11 and install it as a new installation, and retain your 1.5 installation for the time, just to be safe.
Everything you saved with mozbackup SHOULD be automatically brought into the 18.104.22.168 installation with the new installation wizrd that comes with firefox 2.0.x
the mozbackup will create an achive of your addons and other options and setting for FF1.5
After you install FF2.0 you can use mozbackup to transfer the archive into 2.0 and you'll almost seamlessly transfer to 2.0
Well, coming from a former Soviet block country, I hope it doesn't come with a virus.
Just got my auto-update notification.
Version 2.0 of Firefox it is. With 5 systems at home I don't do a very good job of keeping my versions in line, unlike at work.
My wife keeps muttering something about the shoemakers children, but I just can't make out what she is saying.
Funny thing, on most M$ products I don't jump out the first day that upgrades are available. With Firefox, Opera, AVG or Folding@Home, I will grab them as soon as I can ...
Nice utility. It could really come in handy considering that I force my computer customers to use either Opera or Firefox.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.