Mozilla Patches 11 Firefox new vulnerabilities

Mozilla on Wednesday patched 11 vulnerabilities in Firefox 3.0 — and 12 bugs in the older Firefox 2.0 — that could be used to compromise computers and steal information.

Wednesday’s update patched virtually the same number of vulnerabilities as the last security upgrade seven weeks ago.

Firefox 3.0.4, the fourth update since Mozilla launched the browser in June, fixes six flaws rated “critical,” two “high,” two “moderate,” and one “low” in Mozilla’s four-step scoring system. Most of the critical bugs could be used by hackers to introduce their own malicious code into a vulnerable system.

The most serious flaws were found in the browser’s layout and JavaScript engines, while others included a buffer overflow bug in the HTTP index format parser and one pegged as moderate was found in the file: protocol handler.

Mozilla also updated the nearly retired Firefox to The update will be the next-to-the-last one for the older Firefox 2.0, which will be dropped from support next month.

Not updated on Wednesday was Thunderbird, which remains at Version The patches gap between Firefox and Thunderbird has been more than a month.

Users can download the update for Windows, Mac OS X and Linux from the Mozilla site.


Please enter your comment!
Please enter your name here