Posts Tagged Update

Firefox 4: What’s new?

The new major release Firefox 4 is now available since a few days in the final version. But what's new in the Firefox Browser of the 4th Generation? First, it could be said that there are both visual and technical improvements. Let's start with the visual changes. New here is the arrangement of the tabs, menu bar, address bar and buttons.

The tab order in Firefox 4

The tabs are moved up and are now fitted over the address bar. This will have the advantage that the mouse movements to be shorter. Also, the App tab has been migrated from an add-on to default browser functionality. Using the context menu of a tab, there is a "Pin as App-Tab" function.

Read the rest of this entry »

,

No Comments

Changes in Firefox 3.6.13

In the current Firefox version 3.6.13 there are several changes that improve both the stability and the security of the browser. In total there were 11 security-related updates.

  • Incomplete fix for CVE-2010-0179
  • Integer overflow vulnerability in NewIdArray
  • Use-after-free error with nsDOMAttribute MutationObserver
  • Java security bypass from LiveConnect loaded via data: URL meta refresh
  • Add support for OTS font sanitizer
  • Crash and remote code execution using HTML tags inside a XUL tree
  • Chrome privilege escalation with window.open and ISINDEX element
  • Buffer overflow while line breaking after document.write with long string
  • Miscellaneous memory safety hazards
  • Location bar SSL spoofing using network error page
  • XSS hazard in multiple character encodings

, , ,

No Comments

Firefox 3.6.12 fixes a critical security issue

After the release of Firefox 3.6.11 Mozilla has presented the next version of the successful web browser. More or less pleasant, of course, are the reasons that led to a new update. Morten Kråkvik has found a vulnerability in Firefox, with that he could provoke a heap buffer overflow. This makes it theoretically possible that an attacker could execute malicious code on the computer.

The vulnerability can be achieved by the use of Javascript functions document.write exploit with DOM. This problem affect the versions Firefox 3.6 and 5.3, also Thunderbird and SeaMonkey are affected. It is gratifying, however, that Mozilla has reacted quickly and has now fixed the vulnerability. With the new version Firefox 3.6.12, surfing through the internet is safe again.

, ,

No Comments

Security-Updates: Firefox 3.6.11 is available

Mozilla made some security updates in the new Firefox Release 3.6.11!

This is the list of the fixes, which were done:

  • Insecure Diffie-Hellman key exchange
  • Unsafe library loading vulnerabilitie
  • SSL wildcard certificate matching IP addresses
  • Cross-site information disclosure via modal calls
  • XSS in gopher parser when parsing hrefs
  • Dangling pointer vulnerability in LookupGetterOrSetter
  • Use-after-free error in nsBarProp
  • Buffer overflow and memory corruption using document.write
  • Miscellaneous memory safety hazards

The new version is available here.

,

No Comments

Mini-Update: Firefox 3.6.8 available

A few days before Mozilla has released Firefox 3.6.7 and now it is already the next update to version 3.6.8 available! Since the last update there were many changes and fixes, so you could actually expect an imminent update to 3.6.8. Due to the necessary update was that at some sites in conjunction with plug-ins it came to stability problems. This should be fixed now with the new Release.

, ,

No Comments

Mozilla closes lot of security issues in Firefox 3.6.7

Mozilla has released another version of Firefox. With release 3.6.7 a lot of security issues are resolved. About 8 critical and 2 high priority problems.

A list of the fixed bugs:

  • Remote code execution using malformed PNG image
  • nsTreeSelection dangling pointer remote code execution vulnerability
  • nsCSSValue::Array index integer overflow
  • Arbitrary code execution using SJOW and fast native function
  • Plugin parameter EnsureCachedAttrParamArrays remote code execution vulnerability
  • Use-after-free error in NodeIterator
  • DOM attribute cloning remote code execution vulnerability
  • Miscellaneous memory safety hazards

Most of the bugs comes together with buffer overflow and remote code executing. Please update to Firefox 3.6.7 as soon as possible.

, , ,

No Comments

Firefox 3.6.6 is now available

After the previous version of Firefox was scheduled, the Mozilla team updated Firefox again and is now providing Firefox 3.6.6 for all users. Because of the new plugin crash protection which was released in version 3.6.4, some flash games with a loading time of more than 10 seconds, were killed.

In the new release this timeout is now increased to an amount of 45 seconds, so that the most long loading plugins should work again.

, ,

1 Comment

Firefox 3.6.4 coming soon

The signs are condensed, that there will be a new Firefox release available. A few weeks ago, the first beta version of Firefox 3.6.4 was released, now there is already the Firefox 3.6.4 release candidate available for testing.

The main change in the new release concerns the stability during surfing. So the browser shall continue, even if a plugin (Adobe Flash, Apple Quicktime or Microsoft Silverlight) should crash down. The user then has the possibility to send an error report and reload the page.

However, it is advisable to wait for the final version and reinstall both the beta and the release candidate only on a test machine. The final version should be available in a few weeks.

, ,

No Comments