toggle

AAPL Stock: 117.6 ( -1.03 )

Printed from http://www.macnn.com

Firefox update supports Leopard, fixes security

updated 03:50 pm EDT, Fri October 19, 2007

Firefox 2.0.0.8 released

The Mozilla Foundation today released Firefox 2.0.0.8, an update to the open-source browser. The update brings compatibility with Mac OS X 10.5 Leopard -- although a few issues still exist -- and several security fixes, including two labeled as critical flaws. Released just ahead of next week's release of Leopard, the Firefox update has problems with some media plugins as well as Add-ons that contain binary components. The release notes document problems with rendering, issues when closing other tabs (when 20 or more are open), and when viewing Macromedia Flash content on Intel-based Macs. "To work around this problem, users can remove or move the PowerPC version of 'Flash Player Enabler.plugin' from /Library/Internet Plug-Ins folder," the notes added.

The developers also note that the there is no "Talkback" feature on Intel-based Macs when running natively or under Rosetta. "Talkback" typically sends information about a crash or bug to the developers so it can be fixed. Instead, the Apple Crash report program should launch in the event of application crashes, the notes said.

The browser update also fixes a critical security flaw that would allow malicious sites to locally execute JavaScript code in a webpage with the same privileges as the user. "Mozilla security researcher moz_bug_r_a4 reported that it was possible to use the Script object to modify XPCNativeWrappers in such a way that subsequent access by the browser chrome--such as by right-clicking to open a context menu--can cause attacker-supplied javascript to run with the same privileges as the user," the developers noted.

In addition critical memory corruption errors were fixed, helping the overall stability of the product. While no specific flaw was known for the memory corruption bugs, the developers "presumed that with enough effort at least some of these could be exploited to run arbitrary code."

Overall, eight specific security fixes were identified as resolved in the latest update.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. UberFu

    Joined: Dec 1969

    0

    issues exist...

    on the Tiger version too_

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Plantronics BackBeat Pro Bluetooth headphones

Looking for a pair of headphones that can do everything a user requires is a task that can take some study. Trying to decide on in-ear ...

MaxUpgrades 512GB Retina MacBook Pro SSD

Apple's Retina line of MacBook Pro notebooks have been impressive, right from their debut in 2012. Thinner than the previous model, t ...

Lemur BlueDriver

"Oh no, the check engine light is on…again! What one of the hundreds of reasons could it be this time? Probably going to cost a for ...

toggle

Most Commented