Free Republic
Browse · Search		 General/Chat
Topics · Post Article

Skip to comments.

Mozilla Update Fixes Firefox, Thunderbird Security Flaws
CSO ^ | Feb 23, 2007 | Robert McMillan

Posted on 02/23/2007 5:41:39 PM PST by holymoly

Mozilla Corp. has released an update to its Firefox browser, fixing a number of security flaws in the product.

The Firefox 2.0.0.2 release includes a fix for a bug disclosed by security researcher Michal Zalewsky last week. That flaw can be exploited by attackers to manipulate cookie information in the Firefox browser, making it probably the most important fix in the update, according to Window Snyder, Mozilla’s head of security strategy.

"The potential to compromise a user’s account is almost as serious as compromising their machine," she said Friday via instant message. "Since the details of how to exploit the vulnerability are publicly available the risk to users is increased."

The updates also include a fix for a previously undisclosed memory corruption flaw in the browser that could be exploited to run unauthorized software on a Firefox user’s computer.

This flaw could also affect Thunderbird users who have configured their mail client to run JavaScript automatically, something that Mozilla does not recommend. Thunderbird is Mozilla’s free e-mail client.

The patches were released on Friday afternoon and should soon be delivered via Firefox’s automatic software update mechanism, Snyder said.

Mozilla has patched a total of seven Firefox bugs and is also addressing two bugs in Thunderbird.

The latest browser release also includes enhancements to make it run better with Windows Vista as well as support for the Afrikaans, Belarusian, Georgian and Kurdish languages.

TOPICS: Chit/Chat; Computers/Internet
KEYWORDS: mozilla; thunderbird
Navigation: use the links below to view more comments.
first previous 1-2021-24 last
To: texas booster

Version 2.0 has been out since last November, I believe. Has had two updates; this is the second. I've updated my laptop but not my desktop because one of the extensions I use has not been updated to version 2.0. However, I like the autospell check on v.2 so probably not worry about missing an extension.


21 posted on 02/23/2007 7:30:31 PM PST by CedarDave (Vietnam Vet Remembers -- This Time ... SUPPORT the Troops, COMPLETE the Mission)
[ Post Reply | Private Reply | To 19 | View Replies]
To: CedarDave
BTW it hasn't yet been revised to show today's release

After I did the update to 1.0.5.10 the proper release notes popped up:

http://www.mozilla.com/en-US/firefox/releases/1.5.0.10.html

22 posted on 02/23/2007 7:53:06 PM PST by CedarDave (Vietnam Vet Remembers -- This Time ... SUPPORT the Troops, COMPLETE the Mission)
[ Post Reply | Private Reply | To 11 | View Replies]
To: JerseyHighlander

Excuse my off-the-cuff comment; I was snarly. I've looked further at the program and it seems to be able to perform a comprehensive backup.


23 posted on 02/23/2007 8:05:59 PM PST by CedarDave (Vietnam Vet Remembers -- This Time ... SUPPORT the Troops, COMPLETE the Mission)
[ Post Reply | Private Reply | To 15 | View Replies]
To: CedarDave

Thanks,...I had update on...so maybe tomorrow...I set the flag so he asks me if I want the update....


24 posted on 02/23/2007 9:45:16 PM PST by Ernest_at_the_Beach (The DemonicRATS believe ....that the best decisions are always made after the fact.)
[ Post Reply | Private Reply | To 14 | View Replies]

Navigation: use the links below to view more comments.
first previous 1-2021-24 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search		 General/Chat
Topics · Post Article
FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson