Firefox 3.0.7 targets security issues

Web browser's second security update in a month addresses eight issues, six of which are deemed critical.

Mozilla on Wednesday released an update to the Firefox Web browser that its developers said fixes eight security issues found in Firefox 3.0.6, six of which were rated critical.

The most serious of the vulnerabilities fixed in version 3.0.7 for Windows, Mac, and Linux could allow attackers to run arbitrary code on a victim's computer, Mozilla warned in security advisories Wednesday.

The six critical flaws affect the browser's garbage collection--which monitors how Firefox modules use the computer's memory--as well as the browser's PNG libraries and in the layout and JavaScript engines.

Mozilla developers said they weren't sure the layout and JavaScript flaws could be exploited.

"Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code," Mozilla said in an advisory.

Updates for Windows, Mac OS X, and Linux are available at the Mozilla site. Firefox 3 users will receive an update notification within 48 hours, or they can download the update manually by selecting "Check for Updates" from the Help menu.

The update--Mozilla's second this year--comes as Firefox continues to chip away at Internet Explorer's market dominance. Mozilla now has 21.77 percent of the global browser market share, compared with IE's 67.44 percent, a drop of more than 7 percentage points in a year, according to figures from Web metrics company Net Applications.

Featured Video
6
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Everything you can expect at Apple's Sept. 9th event

Apple is expected to throw the kitchen sink at us with new iPhones, iPads, a new Apple TV and MacBooks. We'll breakdown what you can expect to see.

by Brian Tong