Mozilla Firefox 3.5.3

Posted on September 11, 2009. Filed under: Computer, News, Super Fast Updates, Web, Windows/7 | Tags: , , , , , , |

          

    Yesterday, Mozilla released version 3.5.3 of Firefox.In this they corrected 46 bugs, as well as nine security issues rated critical and one issue rated low. The updated version of Firefox is available now, and is being pushed to users as you read this.

   One of the security advisories, MFSA 2009-47, included fixes for seven security and stability flaws, some of which showed evidence of memory corruption. This led Mozilla to assume that, with enough effort, an attacker could use the crashes to run code. Thus you get the critical rating and the one advisory that forms the majority of the security issues in this update. The flaws addressed are split between the browser engine and JavaScript engine.

    The second critical patch, MFSA 2009-49, which came from TippingPoint’s ZDI, addresses issues in the columns of the XUL tree element that could be manipulated by an attacker to run code. The last critical patch, MFSA 2009-51, deals with a vulnerability in the BrowserFeedWriter that could be leveraged to run malicious JavaScript with chrome privileges.

       Each of the previous critical issues also earn the same rating for users of Firefox 3.0.13, which was updated to version 3.0.14 with yesterday’s releases. MFSA 2009-48, rated as moderate, and the only patch not included with the 3.5.3 release, corrects a problem with the lack of informative dialogs when security modules were added or removed via pkcs11.addmodule or pkcs11.deletemodule.

  Everyone is encouraged to update their browser as soon as possible. The odds are you need only to look under Help and select "apply downloaded update now" to do so or select “check for updates”.

The list of bugs addressed in the 3.5.3 release is here.

The list of security items for 3.5.3 is here and for 3.0.14 visit  here.

Download Mozilla FireFox 3.5.3

Advertisements

Liked it here?
Why not try sites on the blogroll...

%d bloggers like this: