Skip to content

Firefox 3.0.10 patches *UPDATE*

28-4-2009

The Mozilla developers have announced the release of version 3.0.9 of their open source Firefox browser, patching several vulnerabilities. The security and stability release addresses several vulnerabilities and contains several bug fixes.

A total of four critical vulnerabilities in the browser engine used by Firefox and other Mozilla products, such as the Thunderbird email client, have been patched that could have allowed an attacker to inject and run arbitrary code. Version 2.0.22 of Thunderbird should be released shortly and will address the same vulnerabilities. Two high risk vulnerabilities related to cross site scripting (XSS) attacks and content injection attacks have been fixed in the Firefox release, as they violated the same origin policy. A total of six moderate to low vulnerabilities were also patched.

Mozilla notes that Firefox 2.0.0.x releases are no longer supported and also contain several known security vulnerabilities which will not be patched. Mozilla strongly advises that all Firefox users upgrade to the latest release.

More details about the release can be found in the release notes. Firefox 3.0.10 is available to download, or Firefox users can use the Firefox update service by selecting Help, then Check For Updates.

See also:

No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: