Mozilla patches critical flaws

Three of the five holes in older versions of Firefox are rated "critical." Meanwhile, a security company reports a zero-day flaw in the latest version of the browser.

Mozilla has released fixes for five security holes in older versions of Firefox, while a security company has warned of a zero-day flaw in the latest version of the popular browser.

Mozilla issued patches Wednesday for versions 3.5.8 and 3.0.18 of the browser, sending out fixes for the latter even though it had said it would stop supporting Firefox 3.0 in January. In its security bulletin, the company said the vulnerabilities had previously been resolved in Firefox 3.6, which was launched on January 21. The five flaws addressed by Mozilla included three the company rated "critical." Those three flaws involve an error in handling out-of-memory conditions; stability errors in the Gecko rendering engine; and a bug in the way Mozilla's implementation of Web Worker handles posted messages.

Separately, Secunia reported Thursday an unpatched bug in Firefox 3.6, the most recent version of the browser. The security firm warned that the software contains a bug that could be used to execute malicious code on a user's system.

Read more of "Firefox suffers critical bugs" at ZDNet UK.

About the author
 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Galleries from CNET
Tech industry's high-flying 2014
Uber's tumultuous ups and downs in 2014 (pictures)
The best and worst quotes of 2014 (pictures)
A roomy range from LG (pictures)
This plain GE range has all of the essentials (pictures)
Sony's 'Interview' heard 'round the world (pictures)