New Firefox Fixes Holes
Page 1 of 1
UPDATED: Officials at the open source Mozilla Foundation released an update for the Firefox browser Tuesday.
Firefox 1.0.5 is the first update to the popular alternative browser since May 11, when the organization fixed three critical bugs to the Mozilla Update Web service. Firefox 1.0.4 was rushed out the door days after two of the flaws were published by an outfit called the Greyhats Security Group.
The update addresses 12 security issues discovered in the Firefox code, as well as stability fixes to the browser. Chris Hofmann, Mozilla director of engineering, said all the security vulnerabilities, which range from low to two that are critical, have no known exploits.
In addition to Firefox, officials plan to release updates to the Thunderbird e-mail application and Mozilla suite to correct the vulnerabilities addressed in the browser. Hofmann expects Thunderbird and Mozilla updates to be released Wednesday.
As officials pointed out, all three applications use a similar code base, so what affects one may very well affect the others.
Details of the two critical bugs are being withheld until July 20, but both deal with vulnerabilities that could lead to some big headaches for Firefox users.
The first critical bug fixed is described as a "code execution through shared function objects" flaw that would let a Web script