Mozilla Makes Firefox More Secure With 3.0.7 Update; Thunderbird Still Vulnerable

In a bid to address a number of security issues, Mozilla Corp. released an update to its signature Firefox web browser to plug as many as eight security holes noted in Firefox web browser version 3.0.6, out of which six were rated as “critical”.

The updated Firefox 3.0.7 web browser includes patches for six “critical” vulnerabilities in the PNG libraries used by the Firefox web browser, garbage collection routine of the browser, in JavaScript engines and lay out.

Engineers at Mozilla observed a range of stability issues, some of which even set off crashes in the web browser that eventually lead to memory corruption within the browser, which actually prompt engineers to come up with security updates.

Most importantly, the new version of the web browser fixes vulnerabilities for Windows, Linux and Mac operating systems that could enable hackers to execute code on a victim’s computer, the company said in its advisory.

Though the recent update patches some critical security issues, some of which, Mozilla says, even enable hackers to execute remote code on the victim’s computer, but the vulnerability still affects its latest Thunderbird release, 2.0.0.19.

Besides, these vulnerabilities affect the Thunderbird e-mail program along with Firefox, but Mozilla asserted that Thunderbird patches won’t be available until the version 2.0.0.21.

Go To Page 2 for our comments and more related links

Our Comments

Security is an ongoing battle that needs to be fought but cannot be won. Interestingly, the critical issues the last Firefox 3.0.7 are cross-platform, targeting Windows, Linux and Mac. Also worrying is the fact that Thunderbird remains vulnerable even though details about the flaw are out in the wild.

Related Links

Firefox Update Closes Security Holes, Thunderbird Still Vulnerable

(PC World)

Firefox 3.0.7 targets security issues

(CNet)

Mozilla releases Firefox 3.0.7 – three critical flaws addressed

(The Tech Herald)

Firefox update tackles critical memory bugs

(The Register)

Firefox 3.0.7 update released

(Pocket-Lint)

Mozilla patches eight Firefox bugs, six critical

(Computerworld)