Mozilla Closes Up Gaping Holes.
Mozilla Corp. updated its Firefox Internet browser last friday patching up 14 vulnerabilities, three of them is considered critical. Mozilla pushed out the new versions without fixing several flaws.
Michael Zelewski, a polish reseracher disclosed some series of bugs in FireFox this month. Firefox 2.0.0.2 and Firefox 1.5.0.10, which originally were to release on Wednesday, were delayed to patch a series of bugs. ” Neither of those will make this release. It is important that we get the security fixes we have into the hands of our users “- Daniel Veditz, Mozilla security The most serious of the bugs that was not fix according to Zelewski is a memory corruption flaw that could let attackers inject code remotely into Firefox-equipped machines simply by duping users into visiting a malicious Web page. ” Firefox is susceptible to a seemingly pretty nasty, and apparently easily exploitable, memory corruption vulnerability “. Another unfixed bug noticed by Zelewski could give cybercriminals a leg up when running phishing attacks. ” Successfully exploiting this issue may allow remote attackers to execute arbitrary machine code in the context of the affected application. This could facilitate the remote compromise of affected computers. ” - Symantec Corp.
Mozilla posted there bug fixes on Firefox. Firefox 1.5.0.10 is nearly at the end of its supported lifespan. After April 24, Mozilla will stop issuing security and stability updates to that edition.
| 2.9 |
admin
Leave a Comment
If you would like to make a comment, please fill out the form below.
