Mozilla Firefox 18.104.22.168 is now available and developers have fixed five bugs tagged as “critical.”
Mozilla Foundation Security Advisory (MFSA) 2006-20 is a fix for crashes that were caused by DHTML.
According to the advisory, “some of these crashes showed evidence of memory corruption that we presume could be exploited to run arbitrary code with enough effort.”
MFSA 2006-22 is titled, “CSS Letter-Spacing Heap Overflow Vulnerability” and could have potentially led to a condition whereby and attacker could run arbitrary code.
MFSA 2006-24 also carriers a “critical” rating and involves a privilege escalation flaw in the crypto.generateCRMFRequest method.
Versions of Firefox prior to the new 22.214.171.124 release were also potentially susceptible to a flaw which could have put them at risk simply by doing a “Print Preview.” MFSA 2006-25, titled, “Privilege escalation through Print Preview,” addresses this flaw.
The new Firefox isn’t just a security update; it also provides universal binary support for Apple MAC OSX on Intel Core processors.