RSS RSS Twitter Twitter
internet apps/networking

11/27/2007, 11:20pm, EST

Tuesday, November 27th

Firefox 2.0.0.10 update tightens security

Mozilla today released Firefox 2.0.0.10, introducing three security fixes. The update prevents the race condition from being exploited when setting the "window.location" property, which can generate a fake HTTP Referer header and be used as a conduit for cross-site request forgery attacks. Other unspecified errors could be exploited to cause memory corruption, and allow for remote execution of malicious code. There have been no feature additions or interface enhancements with the latest release, but with the upcoming v3.0 release of Firefox, the existing version will most likely only see security and stability enhancements.

Apple issued security fixes with its recent updates for Tiger, Leopard, and Safari for Windows. The Leopard update fixed several issues with the firewall, while the Tiger update fixes AFP Kerberos authentication. Safari 3.0.4b fixes several issues related to malicious remote code execution.


Filed under: security, software
Other story tags: Firefox, browser, mozilla

, , 3comments, del.icio.us, slashdot, digg, buzz , Twitter



3 comments
Reader Reactions (Please use <i></i> for italic text)

subscribe to comments
for this article




Expand All   Global Settings
So annoying
0
11/28, 8:20am, EST
I have been so frustrated with Firefox's unending Upgrade Now dialogue boxes! It seems like every friggin' day!

I wish they had an option just to update the damn program without bugging me about it.
Fresh-Faced Recruit
Joined May 1999
User is offline
Re: so annoying
0
11/28, 9:49am, EST
It's true. You'd think it was iTunes or something.

But there should be a way around the prompting (and exactly who, while browsing, actually wants to be told you've downloaded a new version and disrupt your work for the wonderful new security features?).

Type about:config in the address bar and hit return. Then, type app.update.silent in the search bar and hit return. This is probably set to false. Change it to true and it might actually work.

Sure, the point-and-clickers out there would say it'd be nice to have a stupid check-mark on the preference pane, but, come on, this is so much simpler and easier. No worrying about help items. No cluttered interfaces. All the options you could ever want....
Fresh-Faced Recruit
Joined Aug 2001
User is offline
Re: so annoying
0
11/28, 12:40pm, EST
FYI, it actually works too.
Fresh-Faced Recruit
Joined Aug 2001
User is offline
Your Comments

In order to post comments: If you are a registered member, please login with your MacNN Forums username and password otherwise please uncheck the checkbox below.


Registered Member?
macnn forums login:

macnn forums password:

Not a member of the MacNN forums? Register now for free.

RSS Feeds

Have the latest content delivered to your desktop via RSS. Use the links below to get access to a specific blog, news, or reviews feed.



  MacNN -all

  MacNN Reviews

  MacNN Podcasts

  iPodNN

  Electronista

  Left Lane News
Want To Sell Your Laptop? Any Condition - receive Top Cash. Get an instant quote. Free shipping www.CashForLaptops.com

Internet Marketing School - 100% Online: Master SEO, SEM, E Commerce, Media & More with a U of San Francisco Certificate.

Buy from The Apple Store, iTunes.com, Amazon.com, TechDepot, OfficeDepot, Computers4Sure, or donate.