Browser Security News

The most critical flaw in Firefox hasn’t been addressed in the update released today. Mozilla’s out with Firefox updates and is urging that customers upgrade immediately to fix critical security holes and stability issues. Issued today were Firefox 1.5.0.10, Firefox 2.0.0.2, and Thunderbird 1.5.0.10, available for Windows, Mac and Linux at getfirefox.com and getthunderbird.com. Mike Schroepfer, vice president of engineering, said in a written release that the update resolves Firefox’s critical location.hostname vulnerability, along with other unspecified security and stability issues.

Unmentioned was another critical flaw, discovered yesterday, having to do with memory corruption and possible PC takeover. Digging into the details of the fixes initially revealed that the memory corruption issue was indeed fixed in 2.0.0.2. Security Watch - Open Source - Most Critical Firefox Flaw Remains Unzapped