toggle

AAPL Stock: 111.78 ( -0.87 )

Printed from http://www.macnn.com

Firefox update supports Leopard, fixes security

updated 03:50 pm EDT, Fri October 19, 2007

Firefox 2.0.0.8 released

The Mozilla Foundation today released Firefox 2.0.0.8, an update to the open-source browser. The update brings compatibility with Mac OS X 10.5 Leopard -- although a few issues still exist -- and several security fixes, including two labeled as critical flaws. Released just ahead of next week's release of Leopard, the Firefox update has problems with some media plugins as well as Add-ons that contain binary components. The release notes document problems with rendering, issues when closing other tabs (when 20 or more are open), and when viewing Macromedia Flash content on Intel-based Macs. "To work around this problem, users can remove or move the PowerPC version of 'Flash Player Enabler.plugin' from /Library/Internet Plug-Ins folder," the notes added.

The developers also note that the there is no "Talkback" feature on Intel-based Macs when running natively or under Rosetta. "Talkback" typically sends information about a crash or bug to the developers so it can be fixed. Instead, the Apple Crash report program should launch in the event of application crashes, the notes said.

The browser update also fixes a critical security flaw that would allow malicious sites to locally execute JavaScript code in a webpage with the same privileges as the user. "Mozilla security researcher moz_bug_r_a4 reported that it was possible to use the Script object to modify XPCNativeWrappers in such a way that subsequent access by the browser chrome--such as by right-clicking to open a context menu--can cause attacker-supplied javascript to run with the same privileges as the user," the developers noted.

In addition critical memory corruption errors were fixed, helping the overall stability of the product. While no specific flaw was known for the memory corruption bugs, the developers "presumed that with enough effort at least some of these could be exploited to run arbitrary code."

Overall, eight specific security fixes were identified as resolved in the latest update.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. UberFu

    Joined: Dec 1969

    0

    issues exist...

    on the Tiger version too_

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...

toggle

Most Commented