X

Critical flaws squashed in Firefox update

Update to popular open-source Web browser addresses a dozen security vulnerabilities, five of which are deemed critical.

Joris Evers Staff Writer, CNET News.com
Joris Evers covers security.
Joris Evers
Mozilla has released an update to its Firefox Web browser that repairs a dozen security vulnerabilities, five of which are deemed "critical."

The most serious of the bugs could be exploited by miscreants to hijack vulnerable systems, Mozilla said Thursday. The company, which oversees Firefox development, has published security advisories for each of the flaws repaired by the Firefox update.

"Firefox 1.5.0.4 is a security update that is part of our ongoing program to provide a safe Internet experience for our customers," Mozilla said on its Web site. "We recommend that all users upgrade to this latest version."

Security monitoring company Secunia deems the Firefox issues "highly critical," one notch below its most severe rating.

The latest Firefox update comes a month after the previous security fix release for the popular open-source browser. Users of Firefox 1.5 or newer, released last November, will receive the patches automatically.

While the security flaws may affect the earlier 1.0 versions of Firefox, Mozilla is not providing security updates for those releases. "1.0.8 is the last update for the 1.0.x line of Firefox," a company representative said. All users are advised to upgrade to the 1.5.0.4 version. The 1.0.8 version came out in April.