toggle

AAPL Stock: 442.93 ( 0 )

http://www.macnn.com/articles/07/11/27/firefox.update/

Firefox 2.0.0.10 update tightens security

updated 11:20 pm EST, Tue November 27, 2007

 

Firefox update


Mozilla today released Firefox 2.0.0.10, introducing three security fixes. The update prevents the race condition from being exploited when setting the "window.location" property, which can generate a fake HTTP Referer header and be used as a conduit for cross-site request forgery attacks. Other unspecified errors could be exploited to cause memory corruption, and allow for remote execution of malicious code. There have been no feature additions or interface enhancements with the latest release, but with the upcoming v3.0 release of Firefox, the existing version will most likely only see security and stability enhancements.

Apple issued security fixes with its recent updates for Tiger, Leopard, and Safari for Windows. The Leopard update fixed several issues with the firewall, while the Tiger update fixes AFP Kerberos authentication. Safari 3.0.4b fixes several issues related to malicious remote code execution.


by MacNN Staff

Post tools:

TAGS :

 security, software, Firefox, mozilla, browser

Related Articles

Recent Articles

toggle

Comments

  1. Zkatz007

    Fresh-Faced Recruit

    Joined: May 1999

    0
    11/28, 08:20am | report spam | Reply |

    So annoying

    I have been so frustrated with Firefox's unending Upgrade Now dialogue boxes! It seems like every friggin' day!

    I wish they had an option just to update the damn program without bugging me about it.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    0
    11/28, 09:49am | report spam | Reply |

    Re: so annoying

    It's true. You'd think it was iTunes or something.

    But there should be a way around the prompting (and exactly who, while browsing, actually wants to be told you've downloaded a new version and disrupt your work for the wonderful new security features?).

    Type about:config in the address bar and hit return. Then, type app.update.silent in the search bar and hit return. This is probably set to false. Change it to true and it might actually work.

    Sure, the point-and-clickers out there would say it'd be nice to have a stupid check-mark on the preference pane, but, come on, this is so much simpler and easier. No worrying about help items. No cluttered interfaces. All the options you could ever want....

  1. testudo

    Forum Regular

    Joined: Aug 2001

    0
    11/28, 12:40pm | report spam | Reply |

    Re: so annoying

    FYI, it actually works too.

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

MaxUpgrades MaxConnect for 2006-2008 Mac Pro

Nobody outside of Cupertino's privileged bunch knows the future of the Mac Pro line for sure. Despite Apple's reluctance to tell us wh ...

Brother HL-3170CDW LED Printer

We've mentioned before that we are far from a paperless society. For now, at least, there are tasks that require a piece of paper for ...

HTC One

It is hard to overstate just how critically important the HTC One is to the Taiwanese company’s fortunes. Despite its alarming decline ...

toggle

Most Commented

 

Popular News