internet apps/networking

10/19/2007, 3:50pm, EDT

Friday, October 19th

Firefox update supports Leopard, fixes security

The Mozilla Foundation today released Firefox 2.0.0.8, an update to the open-source browser. The update brings compatibility with Mac OS X 10.5 Leopard -- although a few issues still exist -- and several security fixes, including two labeled as critical flaws. Released just ahead of next week's release of Leopard, the Firefox update has problems with some media plugins as well as Add-ons that contain binary components. The release notes document problems with rendering, issues when closing other tabs (when 20 or more are open), and when viewing Macromedia Flash content on Intel-based Macs. "To work around this problem, users can remove or move the PowerPC version of 'Flash Player Enabler.plugin' from /Library/Internet Plug-Ins folder," the notes added.

The developers also note that the there is no "Talkback" feature on Intel-based Macs when running natively or under Rosetta. "Talkback" typically sends information about a crash or bug to the developers so it can be fixed. Instead, the Apple Crash report program should launch in the event of application crashes, the notes said.

The browser update also fixes a critical security flaw that would allow malicious sites to locally execute JavaScript code in a webpage with the same privileges as the user. "Mozilla security researcher moz_bug_r_a4 reported that it was possible to use the Script object to modify XPCNativeWrappers in such a way that subsequent access by the browser chrome--such as by right-clicking to open a context menu--can cause attacker-supplied javascript to run with the same privileges as the user," the developers noted.

In addition critical memory corruption errors were fixed, helping the overall stability of the product. While no specific flaw was known for the memory corruption bugs, the developers "presumed that with enough effort at least some of these could be exploited to run arbitrary code."

Overall, eight specific security fixes were identified as resolved in the latest update.


Filed under: software

, , 1 comment, del.icio.us, slashdot, digg, buzz


1 comment
Reader Reactions (Please use <i></i> for italic text)

subscribe to comments
for this article




Expand All   Global Settings
UberFu
issues exist...
0
10/22, 8:19am, EDT
on the Tiger version too_
Fresh-Faced Recruit
Joined Oct 2002
User is offline
Your Comments

In order to post comments: If you are a registered member, please login with your MacNN Forums username and password otherwise please uncheck the checkbox below.


Registered Member?
macnn forums login:

macnn forums password:

Not a member of the MacNN forums? Register now for free.

MacNN iPodNN Electronista
top searches
1. apple
2. iphone
3. apple TV
4. ipod
5. mac
6. BBC
7. icons
8. icon
9. macbook
10. leopard
search for more ..
RSS Feeds

Have the latest content delivered to your desktop via RSS. Use the links below to get access to a specific blog, news, or reviews feed.



  MacNN -all

  MacNN Reviews

  MacNN Podcasts

  iPodNN

  Electronista

  Left Lane News
Want To Sell Your Laptop? Any Condition - receive Top Cash. Get an instant quote. Free shipping www.CashForLaptops.com

VMware Fusion for $59.99 - limited time offer: Run Windows on a Mac without rebooting with VMware Fusion

Check Out the VIERA from Panasonic!: Enter a New Visual Era with Panasonic VIERA HDTVs. An Enhanced Experience.

Get an IT Degree Online: Get solid credentials. Take your hobby to the next level. Adult Programs. Affordable.

Join The MyView IT Research Panel: Members will receive opportunities to take part in surveys from today's leading businesses.

VMware Fusion for $59.99 - limited time offer: Run Windows on a Mac without rebooting with VMware Fusion

Buy from The Apple Store, iTunes.com, Amazon.com, TechDepot, OfficeDepot, Computers4Sure, or donate.