Feeds

Firefox update squashes 9 security bugs, 4 critical

Get yours today

Build a business case: developing custom apps

Mozilla has released a new version of its Firefox browser that plugs nine security holes, four of which are rated "critical," the foundation's highest vulnerability level.

Version 3.0.11 squashes a javascript chrome privilege escalation bug, which Mozilla said allows attackers to execute malware on the computers of end users. Exploits would work by manipulating chrome privileged objects, such as a browser sidebar.

Other critical vulnerabilities include stability bugs in the browser engine, crashes that caused memory corruption and a race condition while accessing the private data of a NPObject JS wrapper class object. A complete list of fixes is available here.

Mozilla said some of same bugs have been fixed in version 2.0.0.22 of Thunderbird, but at time of writing, the most current version of the email application was 2.0.0.21. We wouldn't be surprised if an update was released soon.

As usual, the update will be pushed directly to Firefox users and requires only a simple restart of the browser to be installed. If only all software updates were that easy. ®

Next gen security for virtualised datacentres

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Scale data protection with your virtual environment
To scale at the rate of virtualization growth, data protection solutions need to adopt new capabilities and simplify current features.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?