Mozilla issues security updates for Firefox 2 and 1.5

Updates address some critical vulnerabilities in the popular browser.

Mozilla has released Firefox 2.0.0.4 and Firefox 1.5.0.12 to address six security vulnerabilities. Most users will automatically receive this update and be asked to restart Firefox to install it. This update will probably be the final one for Firefox 1.5. As such, Mozilla provides an easy upgrade path for current 1.5 users to upgrade to 2.0. All Firefox users are urged to install this update, as it addresses the following security issues CVE-2007-2871 (XUL Popup Spoofing); CVE-2007-2870 (XSS using addEventListener); CVE-2007-1362 (Path Abuse in Cookies) CVE-2007-2869 (Persistent Autocomplete Denial of Service) CVE-2007-2867 and CVE-2007-2868 (Crashes with evidence of memory corruption).

This update also enhances Firefox support within the Windows Vista operating system, although links within some applications still may not open in Firefox even if you have chosen Firefox as your default browser; a Windows Media Player plug-in still doesn't exist for Firefox; Windows Vista Parental Controls are not completely honored yet within Firefox; and cookies and saved forms from Internet Explorer still have to be manually imported. Mozilla has posted workarounds for these.

Finally, this release of Firefox adds language support for Afrikaans and Belarusian.

 

ARTICLE DISCUSSION

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

Hot on CNET

CNET's giving away a 3D printer

Enter for a chance to win* the Makerbot Replicator 3D Printer and all the supplies you need to get started.