Mozilla Releases Urgent Firefox 3.05 Security Update

Mozilla has come up with a security update, fixing a range of security and stability issues in Firefox browser, with three of the released updates tagged as ‘critical’, while one is rated as ‘high’. 

The new update, dubbed as “Firefox 3.05”, plugs as many as eight security holes, along with addition of some new languages, including Bengali, Hindi, Latvian, Galician, and Esperanto. 

One of the critical patches addresses cross-site scripting (CSS) flaws in SessionStore, which reloads the web pages of previous session, and is primarily used by attackers to steal crucial financial information, and other sensitive data, while users are running SessionStore.

Another critical vulnerability addressed by the patch is associated with XBL binding, which could be exploited by hackers to execute JavaScript randomly, when the XBL binding is linked to an unloaded web-page. 

Moreover, Mozilla’s update also offered umbrella fix for a number of crucial memory corruption malfunctions in the Firefox engine, along with several other Mozilla products, which could enable hackers to carry out remote execution of malicious codes on victim’s computers. 

The patch which is rated ‘high’ by Mozilla plugged the security hole that enabled hackers to direct users to malicious websites, so as to launch cross-domain attacks for stealing victims’ sensitive information. 

Interestingly, Mozilla seems a bit concerned about the users’ rights, as it has replaced its erstwhile End User License Agreement (EULA) with a new info bar tagged as “Know Your Rights”, which automatically appears when the web-browser is first installed. 

Go To Page 2 for our comments and more related links