Firefox 2.0.0.8 includes Apple Leopard support

Update also fixes 10 security flaws.

Mozilla on Friday released version 2.0.0.8 of its popular Firefox browser. The new release includes support for Apple's upcoming Mac OS X 10.5 operating system, Leopard. The new Firefox release also addresses several security flaws.

One of the critical flaws (CVE-2007-5838) allows attacker-supplied javascript to run with the same privileges as the user. Another critical patch addresses two specific vulnerabilities (CVE-2007-5339 and CVE-2007-5340), plus a range of other performance issues that might, under the proper circumstances, be exploited with remote code.

Other fixes address flaws in URI protocol handling; an onUnload Tailgating issue; a vulnerability in the SFTP protocol; a flaw that hides a window title bar on XUL pages; and vulnerabilities in file input focus stealing and browser digest authentication.

Current users of Firefox will automatically receive the update. New users can download the browser from Mozilla.

About the author

    As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.

     

    Join the discussion

    Conversation powered by Livefyre

    Show Comments Hide Comments