Skip to comments.Mozilla Firefox 18.104.22.168 Released with Fix for firefoxurl:// Exploit
Posted on 07/18/2007 7:01:55 AM PDT by holymoly
Mozilla Firefox 22.214.171.124 has been released and is currently being distributed to Firefox 2 users via the application's built-in software update system. The browser upgrade fixes several security bugs, which are detailed in the Firefox 126.96.36.199 section of the Mozilla Foundation Security Advisories page.
Firefox 188.8.131.52 includes a fix for the firefoxurl:// security exploit, which allows an attacker to use Microsoft Internet Explorer to trick Firefox into executing malicious code. Whether Firefox or IE is responsible for the flaw has been a matter of debate over the past week. The Mozilla Foundation security advisory about the firefoxurl:// issue maintains that it's a problem in IE and notes that other applications could be exploited in the same way. Others have argued that it's Firefox's responsibility to vet incoming data (something 184.108.40.206 now does).
Firefox 220.127.116.11 can be downloaded from the Firefox product page. The Firefox 18.104.22.168 Release Notes contain more general information about the upgrade. A similar update for Mozilla Thunderbird is expected shortly.
I will have to update it when i get the chance ...
I have become an Opera fanboy though...
This one clearly falls on the firefox folks, one should assume IE is insecure ;)
Got it, thanks!
This release sucks - been hanging up under conditions it never did before. CTL-ALT-DEL has been the order of the day to the point I am back to using IE for almost everything.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.