11/27/2007, 11:20pm, EST

Tuesday, November 27th

Firefox 2.0.0.10 update tightens security

Mozilla today released Firefox 2.0.0.10, introducing three security fixes. The update prevents the race condition from being exploited when setting the "window.location" property, which can generate a fake HTTP Referer header and be used as a conduit for cross-site request forgery attacks. Other unspecified errors could be exploited to cause memory corruption, and allow for remote execution of malicious code. There have been no feature additions or interface enhancements with the latest release, but with the upcoming v3.0 release of Firefox, the existing version will most likely only see security and stability enhancements.

Apple issued security fixes with its recent updates for Tiger, Leopard, and Safari for Windows. The Leopard update fixed several issues with the firewall, while the Tiger update fixes AFP Kerberos authentication. Safari 3.0.4b fixes several issues related to malicious remote code execution.

Filed under: security, software
Other story tags: browser, Firefox, mozilla

, 3

3 comments

Reader Reactions (Please use <i></i> for italic text)

subscribe to comments
for this article

Expand All

Global Settings

So annoying

11/28, 8:20am, EST

I have been so frustrated with Firefox's unending Upgrade Now dialogue boxes! It seems like every friggin' day!

I wish they had an option just to update the damn program without bugging me about it.

Zkatz007

Fresh-Faced Recruit

Join Date:May 1999

Status:Offline

Re: so annoying

11/28, 9:49am, EST

It's true. You'd think it was iTunes or something.

But there should be a way around the prompting (and exactly who, while browsing, actually wants to be told you've downloaded a new version and disrupt your work for the wonderful new security features?).

Type about:config in the address bar and hit return. Then, type app.update.silent in the search bar and hit return. This is probably set to false. Change it to true and it might actually work.

Sure, the point-and-clickers out there would say it'd be nice to have a stupid check-mark on the preference pane, but, come on, this is so much simpler and easier. No worrying about help items. No cluttered interfaces. All the options you could ever want....

testudo

Fresh-Faced Recruit

Join Date:Aug 2001

Status:Offline

Re: so annoying

11/28, 12:40pm, EST

FYI, it actually works too.

testudo

Fresh-Faced Recruit

Join Date:Aug 2001

Status:Offline

Your Comments

Not a member of the MacNN forums? Register now for free.

top searches

1. apple

2. iphone

3. apple TV

4. ipod

5. mac

6. BBC

7. icons

8. icon

9. macbook

10. leopard

search for more ..

RSS Feeds

Have the latest content delivered to your desktop via RSS. Use the links below to get access to a specific blog, news, or reviews feed.

MacNN -all

MacNN Reviews

MacNN Podcasts

iPodNN

Electronista

Left Lane News

See all RSS feeds...

Autokredit im Vergleich - Here is some car credit information for our Germany visitors.
Turn your laptop into CASH: Sell us your used laptop. Working or not. Get money FAST. Instant online quote. Shipping is FREE.

Looking For A NEW LAPTOP? Build Your Own!: CHECK IT OUT! Build your Intel®-Powered Laptop With ZipZoomFly. Chassis, Components, Everything.

CHECK OUT THE VIERA FROM PANASONIC: Enter a New Visual Era with Panasonic VIERA HDTVs. An Enhanced Experience.

PowerBookMedic will fix any Powerbook, iBook, iPod: We offer Parts, Hard Drives, Superdrives, Ram Upgrades & Repairs all backed up w/ our 1YR Warranty!

BUILD YOUR LAPTOP WITH ZIPZOOMFLY: ZipZoomFly Introduces The FIRST Build It Yourself Notebook Configurator. Powered by Intel®. CHECK IT OUT!

Buy from The Apple Store, iTunes.com, Amazon.com, TechDepot, OfficeDepot, Computers4Sure, or donate.

Have your product or service listed here.

Default Comment View
External Page Links
Comment Threading View