8 February 2008
Mozilla has released a new update of Firefox that fixes ten security vulnerabilities, three of which are deemed critical.
The trio of critical patches for Firefox 2.0.0.12 variously fix vulnerabilities including web browsing history and forward navigation stealing bugs; a privilege escalation flaw that creates a possible mechanism to run cross site scripting exploits and also poses a malware injection risk; and a memory corruption bug in the popular open source browser.
The patches are due to be released in the form of automatic update.
The Firefox update completes a busy week for client software update, with patches for Adobe Reader, Skype and QuickTime all arriving this week. Client-side versions of Java also need updating. Future promises expect to see the arrival of a dozen patches from Microsoft, on a special Valentine's Day edition of Patch, seven of which earn the dread rating of critical. The critical updates cover a variety of unspecified flaws in IE, Office and Windows as explained in Microsoft's alert.
Security notification firm Secunia reported that progress in installing the then available patches has been slow.
Keep up to date with industry and Nomensa news by signing up to Nomensa newsletters.
