Firefox update patches security holes

The update tackles seven flaws in the open-source Web browser, including four rated "critical."

Mozilla has sent out an update to Firefox, designed to address seven security flaws in the open-source Web browser.

Firefox 1.5.0.7, released Thursday, tackles a problem that lets outsiders run code remotely and aims to improve the product's stability.

Of the seven vulnerabilities fixed, four are rated "critical" by Mozilla. The new browser version addresses the circumvention of security via an RSA signature forgery flaw, as well as cross-site scripting vulnerabilities. In addition, it patches a JavaScript regular expression heap corruption issue and a memory corruption issue that could lead to the execution of code.

While the update addressed four critical flaws, it was less extensive than one released in July that contained fixes for seven flaws.

The release of Firefox 1.5.0.7 comes alongside the online publication of exploits to attack Microsoft's Internet Explorer. The 5.01 and 6 versions of the Web browser, running on all current versions of the Windows operating system, are affected.

Featured Video