Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Mozilla Issues Security Update For Critical Firefox Flaw

Software Company Mozilla, of late, released one major security patch for its Web-browser Firefox plugging holes which could put Web-surfers in the danger of local bar phishing, data theft or drive-by load attacks.

The update namely Firefox 3.6.7 contains security patches comprising 8 "critical" fixes, 2 "high risk" and 4 "moderate," the company stated.

Meanwhile, in Mozilla's system of severity rating, security flaws described as "critical" let remote hackers carry out arbitrary code execution via a method that is apparent to users. SoftPedia published this on July 21, 2010.

Although the number of fixes rated as critical is 8 in the latest update, the total number of vulnerabilities of critical nature that are patched is in fact more. That's because one patch addresses many problems which are capable of resulting in memory corruption.

Reportedly, the software company has named 2 critical bugs out of the 8 as moz_bug_r_a4. Further, its community of developers discovered the problems within its collective security advisory.

States Mozilla, a particular critical flaw, the most severe one is caused with the way memory bugs, distorted PNG images, and other dangerous code executions are handled.

In addition, the 2 high risk problems include a security flaw that if exploited can let the attacker elude the same-origin limitations allotted to certain canvas component as well as view data from another Internet site. The other flaw is the same type of data disclosure vulnerability of cross-origin nature that eludes the JavaScript's typical origin policy.

Moreover, the 4 moderately critical problems are associated with accessibility of data within websites, techniques for impersonating location bar's contents as well as text using vulnerability which attackers may exploit in XSS (cross-site scripting) assaults.

Hence Mozilla advises that users ensure they have all the latest editions of updates downloaded at the earliest since the vulnerabilities are really critical.

Furthermore according to the company, Mac and Windows users will usually have the Firefox update downloaded automatically; however, during the while, there can be a prompt saying "Check for Updates." Thus users, who have so far not got the notification for automatic update, can initiate it manually.

Related article: Mozilla Rules Out Bug in Its Firefox

ยป SPAMfighter News - 8/3/2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page