Text Size

Firefox 2.0.0.10 update tightens security

updated 11:20 pm EST, Tue November 27, 2007

Firefox update

Mozilla today released Firefox 2.0.0.10, introducing three security fixes. The update prevents the race condition from being exploited when setting the "window.location" property, which can generate a fake HTTP Referer header and be used as a conduit for cross-site request forgery attacks. Other unspecified errors could be exploited to cause memory corruption, and allow for remote execution of malicious code. There have been no feature additions or interface enhancements with the latest release, but with the upcoming v3.0 release of Firefox, the existing version will most likely only see security and stability enhancements.

Apple issued security fixes with its recent updates for Tiger, Leopard, and Safari for Windows. The Leopard update fixed several issues with the firewall, while the Tiger update fixes AFP Kerberos authentication. Safari 3.0.4b fixes several issues related to malicious remote code execution.

 
Previous Comments

So annoying

11/28, 08:20am reply

I have been so frustrated with Firefox's unending Upgrade Now dialogue boxes! It seems like every friggin' day!

I wish they had an option just to update the damn program without bugging me about it.

Zkatz007

Fresh-Faced Recruit

Joined: May 1999

0

Re: so annoying

11/28, 09:49am reply

It's true. You'd think it was iTunes or something.

But there should be a way around the prompting (and exactly who, while browsing, actually wants to be told you've downloaded a new version and disrupt your work for the wonderful new security features?).

Type about:config in the address bar and hit return. Then, type app.update.silent in the search bar and hit return. This is probably set to false. Change it to true and it might actually work.

Sure, the point-and-clickers out there would say it'd be nice to have a stupid check-mark on the preference pane, but, come on, this is so much simpler and easier. No worrying about help items. No cluttered interfaces. All the options you could ever want....

testudo

Fresh-Faced Recruit

Joined: Aug 2001

0

Re: so annoying

11/28, 12:40pm reply

FYI, it actually works too.

testudo

Fresh-Faced Recruit

Joined: Aug 2001

0

Popular News