Thursday, December 18, 2008

Upgrades issued for Firefox and Internet Explorer

Mozilla has launched a new release of the popular Firefox 3.0 browser bringing the latest stable (public) version to 3.0.5.

Included in the latest release is a patch for a widely documented security issue that 'could' run code on your computer without you realizing it.  That virus has also been addressed by Microsoft with an emergency patch for Internet Explorer versions 6, 7 and IE8 Beta 2.

Mozilla also took the opportunity the implement some additional fixes in this upgrade (for you 'tech types') including:
   XSS vulnerabilities in SessionStore
   XSS and JavaScript privilege escalation
   Escaped null characters ignored by CSS parser
   Errors parsing URLs with leading whitespace and control characters
  Cross-domain data theft via script redirect error message
  XMLHttpRequest 302 response disclosure
  User tracking via XUL persist attribute
  Crashes with evidence of memory corruption (rv:

Users of Firefox maybe automatically updated, or can simply hit 'Help' on the top bar and then 'Check for Updates'.  Internet Explorer users should visit Windows Update or Microsoft Update for the security patch.

Internet Explorer details can be found at this Microsoft Website.
Details from Mozilla on Firefox 3.0.5 can be found here.