The Mozilla web browser Firefox and derived products like Thunderbird, SeaMonkey and the Netscape Browser contain several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system.
To solve this problem, Mozilla Foundation, the nice people behind Firefox have just released a very important security release, so if you’re running Firefox, you need to go grab the latest release right away.
The following security issues have been fixed:
- XUL Popup Spoofing
- XSS using add Event Listener
- Path Abuse in Cookies
- Persistent Auto complete Denial of Service
- Crashes with evidence of memory corruption
According to Mozilla, also in this release are more enhancements and fixes for Windows Vista with the following caveats:
Clicking links in some applications (e.g. some instant messaging programs) might not open them in Firefox, even if you have set it as your default browser. To workaround this problem, go to Start -> Default Programs -> Set default programs for this computer, expand custom, select the radio button next to the app you want to set as the system wide default app (e.g. Firefox, etc.), and apply.
A Windows Media Player (WMP) plugin is not provided with Windows Vista. As a workaround, in order to view Windows Media content, you can follow these instructions. Note that after installing you may have to get a security update and apply it before you can see the content in the browser.
Vista Parental Controls are not completely honored. In particular, file downloads do not honor Vista’s parental control settings. This will be addressed in an upcoming Firefox release.
When migrating from Internet Explorer 7 to Firefox, cookies and saved form history are not imported.
I personally think you shouldn’t be running Vista on your machine as it’s still so very buggy and Windows XP SP2 is pretty solid these days.
For those of you wondering, on my computers I run both Windows XP Pro SP2 and Fedora Core 5 and 6.
If you want to find out all the latest news on tech why not subscribe to our RSS feed?
I use a souped-up copy of XP-Pro-SP2, with all security updates, and drivers slipstreamed into the install. It also runs all by itself once started. I won’t touch Vista. I also run Ubuntu.
I’m running XP and Ubuntu. For main tasks and surfing, I use XP and Firefox, but for just fooling around, I use Ubuntu.
The new release seems to use less memory to me – I am trying to determine if the so-called “memory leak” is a real thing or if it is a 1) figment of our collective imaginations or 2) the result of buggy extensions.
Hi Myra, I would have to say it’s a little of both, buggy extensions and our imaginations