Firefox released

— 11:10 AM on May 3, 2006

Mozilla has released a new security update to its Firefox web browser. The release fixes a "highly critical" denial of service vulnerability in the browser that could cause crashes and potential malicious code execution. According to the Secunia listing, the vulnerability is caused by "a reference to a deleted object when designMode is enabled. This can be exploited to corrupt the memory and cause a crash by calling the 'contentWindow.focus()' method on a container with specially crafted content." Mozilla says older versions of Firefox 1.0.x and the Mozilla suite 1.7.x are not affected, leaving only versions of Firefox between 1.5 and as potential targets for the security hole. The update can either be downloaded by going into Firefox's Help menu and selecting "Check for Updates..." or downloading the new release from Mozilla's Firefox page.

Like what we're doing? Pay what you want to support TR and get nifty extra features.
Top contributors
1. BIF - $340 2. Ryu Connor - $250 3. mbutrovich - $250
4. YetAnotherGeek2 - $200 5. End User - $150 6. Captain Ned - $100
7. Anonymous Gerbil - $100 8. Bill Door - $100 9. ericfulmer - $100
10. dkanter - $100
Tip: You can use the A/Z keys to walk threads.
View options

This discussion is now closed.