Update Firefox...

Melbosa · April 17, 2006, 02:35:15 PM

Thought I'd let you know, any Mozilla Browser peeps out there, just got official notice of some vulnerabilities that need to be addressed with an upgrade to the latest version of your browsers.

FYI

Mr. Analog · April 17, 2006, 02:38:49 PM

Linkage?

Lazybones · April 17, 2006, 02:59:38 PM

Received the autoupdate already on both my systems.

Thorin · April 17, 2006, 05:51:19 PM

Quote from: "Mr. Analog"Linkage?

http://www.mozilla.com/firefox/releases/1.5.0.2.html

I got there by clicking Help->Check for Updates... in Firefox.

Tom · April 17, 2006, 09:24:16 PM

Hmm, ever since Firefox started eating all my ram (even with 1GB), I switched back to Konqueror.

Mr. Analog · April 17, 2006, 11:21:21 PM

Quote from: "Tom"Hmm, ever since Firefox started eating all my ram (even with 1GB), I switched back to Konqueror.

What OS is that? I haven't had any problems (and I use multiple tabs a lot). (Currently using 45 MBs).

Tom · April 18, 2006, 12:52:21 AM

I tend to use multiple windows with multiple tabs.. And my firefox process would eat at least 100MB, sometimes around 200-300MB.

As for my OS, it be linux.

Melbosa · April 18, 2006, 08:39:50 AM

Quote from: "Mr. Analog"Linkage?

These might be the links you were looking for:

http://www.mozilla.org/security/announce/

http://www.mozilla.org/projects/security/known-vulnerabilities.html

http://www.kb.cert.org/vuls/byid?searchview&query=mozilla_April_2006

I subscribe to the cert alerts, both technical and professional. They only release information once they have a solution, as to reduce possibility of exploiters taking advantage of found vulnerabilities.

Mr. Analog · April 18, 2006, 10:13:21 AM

Yep found 'em already just thought you might have them before I started hitting the update sites.

Darren Dirt · April 18, 2006, 03:20:19 PM

Happy to see that with 1.5.2 my fave extension "Launchy" still works

PS: wow, check out the description of some of the security holes and stuff -- some very creative minds when it comes to finding new (theoretical) ways to execute malicious code...

Mozilla Foundation Security Advisories ( http://www.mozilla.org/security/announce/ ) ...

April 13, 2006

MFSA 2006-29 Spoofing with translucent windows

MFSA 2006-28 Security check of js_ValueToFunctionObject() can be circumvented

MFSA 2006-26 Mail Multiple Information Disclosure

MFSA 2006-25 Privilege escalation through Print Preview

MFSA 2006-24 Privilege escalation using crypto.generateCRMFRequest

MFSA 2006-23 File stealing by changing input type

MFSA 2006-22 CSS Letter-Spacing Heap Overflow Vulnerability

MFSA 2006-20 Crashes with evidence of memory corruption (rv:1.8.0.2)

MFSA 2006-19 Cross-site scripting using .valueOf.call()

MFSA 2006-18 Mozilla Firefox Tag Order Vulnerability

MFSA 2006-17 cross-site scripting through window.controllers

MFSA 2006-16 Accessing XBL compilation scope via valueOf.call()

MFSA 2006-15 Privilege escalation using a JavaScript function's cloned parent

MFSA 2006-14 Privilege escalation via XBL.method.eval

MFSA 2006-13 Downloading executables with "Save Image As..."

MFSA 2006-12 Secure-site spoof (requires security warning dialog)

MFSA 2006-11 Crashes with evidence of memory corruption (rv:1.

MFSA 2006-10 JavaScript garbage-collection hazard audit

MFSA 2006-09 Cross-site JavaScript injection using event handlers

I bolded my personal favorite; read the description to see why, wow that's a twisted mind who would think of doing that

- - -

On the topic of Firefox popularity, check out these interesting Browser Statistics from W3Schools.com .