Firefox has been updated to version 3.5.6 and has fixed several security and stability issues. Security advisories on each bug label three of the seven major bugs as critical, one as high, and two as moderate, with the remaining bug fix having no security designation.
The bugs fixed in Firefox 3.5.6 are:
- MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects
- MFSA 2009-70 Privilege escalation via chrome window.opener
- MFSA 2009-69 Location bar spoofing vulnerabilities
- MFSA 2009-68 NTLM reflection vulnerability
- MFSA 2009-67 Integer overflow, crash in libtheora video library
- MFSA 2009-66 Memory safety fixes in liboggplay media library
- MFSA 2009-65 Crashes with evidence of memory corruption (rv:184.108.40.206/ 220.127.116.11)
Users can read the full release notes and download Firefox 3.5.6 here
. For more information on this release, read this
Be sure to check us out on Twitter and the CNET Mac forums.
Do you have questions, issues, or stories you would like to see on MacFixIt? Email Us.