Mozilla releases Firefox 3.5.6; fixes critical security bugs

Firefox has been updated to version 3.5.6 and has fixed several security and stability issues.

Firefox has been updated to version 3.5.6 and has fixed several security and stability issues. Security advisories on each bug label three of the seven major bugs as critical, one as high, and two as moderate, with the remaining bug fix having no security designation.

The bugs fixed in Firefox 3.5.6 are:

  • MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects
  • MFSA 2009-70 Privilege escalation via chrome window.opener
  • MFSA 2009-69 Location bar spoofing vulnerabilities
  • MFSA 2009-68 NTLM reflection vulnerability
  • MFSA 2009-67 Integer overflow, crash in libtheora video library
  • MFSA 2009-66 Memory safety fixes in liboggplay media library
  • MFSA 2009-65 Crashes with evidence of memory corruption (rv:1.9.1.6/ 1.9.0.16)
Users can read the full release notes and download Firefox 3.5.6 here. For more information on this release, read this Computerworld article.


Be sure to check us out on Twitter and the CNET Mac forums.
Do you have questions, issues, or stories you would like to see on MacFixIt? Email Us.

About the author

    Joe is a seasoned Mac veteran with years of experience on the platform. He reports on Macs, iPods, iPhones and anything else Apple sells. He even has worked in Apple retail stores. He's also a creative professional who knows how to use a Mac to get the job done.

     

    ARTICLE DISCUSSION

    Conversation powered by Livefyre

    Don't Miss
    Hot Products
    Trending on CNET

    Hot on CNET

    CNET's giving away a 3D printer

    Enter for a chance to win* the MakerBot Replicator 3D Printer and all the supplies you need to get started.