Mozilla patches critical flaws

Three of the five holes in older versions of Firefox are rated "critical." Meanwhile, a security company reports a zero-day flaw in the latest version of the browser.

Mozilla has released fixes for five security holes in older versions of Firefox, while a security company has warned of a zero-day flaw in the latest version of the popular browser.

Mozilla issued patches Wednesday for versions 3.5.8 and 3.0.18 of the browser, sending out fixes for the latter even though it had said it would stop supporting Firefox 3.0 in January. In its security bulletin, the company said the vulnerabilities had previously been resolved in Firefox 3.6, which was launched on January 21. The five flaws addressed by Mozilla included three the company rated "critical." Those three flaws involve an error in handling out-of-memory conditions; stability errors in the Gecko rendering engine; and a bug in the way Mozilla's implementation of Web Worker handles posted messages.

Separately, Secunia reported Thursday an unpatched bug in Firefox 3.6, the most recent version of the browser. The security firm warned that the software contains a bug that could be used to execute malicious code on a user's system.

Read more of "Firefox suffers critical bugs" at ZDNet UK.

About the author
 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Galleries from CNET
Nissan gives new Murano bold style (pictures)
Top great space moments in 2014 (pictures)
This is it: The Audiophiliac's top in-ear headphones of 2014 (pictures)
ZTE's wallet-friendly Grand X (pictures)
Lenovo reprises clever design for the Yoga Tablet 2 (Pictures)
Top-rated reviews of the week (pictures)