Mozilla Corp. Thursday updated its Firefox browser to fix 7 flaws, including 4 pegged by the open-source developer as "Critical."
Of the four critical vulnerabilities patched in Firefox 1.5.0.7, none are currently being exploited, Mozilla said in detailed descriptions of each fixed flaw.
In fact, Mozilla said in several of the descriptions that it was not
sure whether the specific vulnerabilities could be exploited, but had
issued patches just in case.
"We presume that at least some of these could be exploited to run arbitrary code with enough effort," Mozilla stated in one patch's explanation.
That jibes with recent comments made by the company's new security chief, Window Snyder, who pointed out in a Tuesday interview that Mozilla's developers fix bugs even if they can't prove they are exploitable.
Two of the remaining 3 patches were labeled as "Moderate," while the third was tagged as "Important" by Mozilla. Danish vulnerability tracker Secunia, on the other hand, gave the update a collective "Highly critical" rating, its second-most-dire ranking.
Mozilla also updated the Thunderbird e-mail client to 1.5.0.7, and patched 6 vulnerabilities, 2 of them critical.
The independent Camino and SeaMonkey projects updated their applications Thursday, too. The former, a native Mac OS X browser, moved up to version 1.0.3
by fixing several critical security and stability problems, and
integrated the patches to the most recent Gecko rendering engine. SeaMonkey, which is a follow-on to the discontinued Mozilla browsing suite, migrated to version 1.0.5.
Firefox 1.5.0.7 and Thunderbird 1.5.0.7 can be downloaded from the
Mozilla site. Existing users, meanwhile can update from within the
browser or e-mail client (Help|Check for Updates in the Windows
version), or wait for the automatic update service to kick in.
The new versions are available for Windows, Mac OS X, and Linux in 37 language-localized versions.
powered by performancing firefox
0 comments:
Post a Comment