Path to Firefox 2.0 is Cleared

Download our in-depth report: The Ultimate Guide to IT Security Vendors

Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  
Mozilla has updated its now legacy 1.5.x Firefox browser to version, with fixes for three critical security flaws.

The flaws do not affect the recently released Firefox 2.0 version. The latest release will also include an update that will make it easier for existing users to get major upgrades from Mozilla.

Among the critical bugs fixed in this version is titled, "Crashes with evidence of memory corruption." The crashes could have been triggered by several bugs. Mozilla's analysis: there was potential for memory corruption that potentially could have been exploited to run arbitrary code.

Mozilla Foundation Security Advisory 2006-67 discusses a flaw in which a Running Script can be recompiled. According to the advisory, it was possible to modify a Script object while it was executing, potentially leading to the execution of arbitrary JavaScript bytecode.

Mozilla has pledged that it will maintain the Firefox 1.5.x line with stability and security updates until April 24, 2007. Though Mozilla is "strongly encouraging" users to upgrade to Firefox 2.0

One of the issues for some 1.5.x users that have prevented them from upgrading to Firefox 2.0 is that, to date, Firefox 1.5.x has not "advertised" that it can be updated to version 2.0.

This article was first published on InternetNews.com. To read the full article, click here.

Submit a Comment

Loading Comments...