Hasta La Gadget!

This article was written on July 18, 2007 by CyberNet.

Mozilla released an important update to the Firefox web browser today. The new Firefox 2.0.0.5 fixes a critical flaw that enables a hacker to control a user’s computer. Ironically, this was done by letting the hacker launch Firefox through Internet Explorer, and then Firefox would run malicious instructions that could compromise their system.

Firefox 2.0.0.5 fixes a total of 8 security related bugs: 3 are critical, 2 are high-priority, 1 is moderate, and 2 are minor. Aside from those there are an additional 91 stability fixes with 15 of those being related to Firefox crashing. So this version offers more than just significant security fixes.

No one is quite sure whether the big security bug is Internet Explorer’s fault for passing insecure data to another application, or whether it was Firefox’s fault for not validating the input. At least Mozilla stepped up to fix it before it turned into a widespread vulnerability. And just because Firefox has patched this issue doesn’t mean that you are in the clear from the attack. It was recently discovered that Trillian is also affected when using the AIM portion, and it is expected that other applications are susceptible to the attack as well.

Note: A similar update for Thunderbird is expected shortly.

Download Firefox 2.0.0.5 – It doesn’t appear that Mozilla has enabled the automatic updates through Firefox at this time, so you will have to download it if you don’t want to wait.

Source: Mozilla Links & MozillaZine
Thanks for the tip CoryC!

Copyright © 2009 CyberNet | CyberNet Forum | Learn Firefox

Related Posts:

Firefox 2.0.0.6 – Yes, it’s Another UpdateMicrosoft Flaw Being Sold On eBayMozilla Firefox 1.5.0.5 Release Scheduled For ThursdayDownload Microsoft Virtual Server 2005 R2 For FreeMozilla Fixes 2300 Bugs In Firefox 2.0 So Far