Mozilla has pushed out a new version of Firefox that fixes numerous security holes, some critical.

Firefox version 3.6.7 addresses 14 vulnerabilities, eight of which are described as critical.

The cross-platform update, published on Tuesday, also aims to tackle a variety of stability glitches, as explained in Mozilla's release notes here.

In other client-side patching news, Apple released a new version of iTunes for Windows machines. The 9.2.1 updates deals with a buffer overflow vulnerability involving the handling of itpc: URLs.

Left unfixed, the flaw creates a possible route for hackers to inject hostile code onto vulnerable Windows boxes, providing they first trick users into opening dodgy links on contaminated websites.

Apple's advisory, which was published on Monday, is here. ®

Related stories

• Firefox update plugs 9 security flaws (20 October 2010)
• Safari and Firefox updates plug critical holes (8 September 2010)
• Firefox 3.6.9 release candidate rocks up for sturdy testers (27 August 2010)
• Mozilla eases fears over phishy URL alert (17 August 2010)
• Firefox update fixes plug-in snafu (26 July 2010)
• Google Chrome bug bounty ups Mozilla's ante (20 July 2010)
• IE and Safari lets attackers steal user names and addresses (20 July 2010)
• Open...and Shut Firefox joins Microsoft in uncool kids class (16 July 2010)
• Mozilla snuffs password pilfering Firefox add-on (15 July 2010)
• Microsoft's .NET at ten: big hits, strange misses (5 July 2010)
• Moz tweaks extension crash controls in Firefox (28 June 2010)