Mozilla late Tuesday pushed out a security update to its Firefox browser to repair seven flaws deemed "critical," meaning they could be exploited to launch attack code to install malicious software on victims' machines.
In total, Firefox version 3.0.2 corrects 12 vulnerabilities.
The critical bugs involve a memory corruption issue in the browser engine, according to a Firefox advisory, and a privilege escalation problem in XPCNativeWrappers, according to a second advisory.
The latest version also rectifies four vulnerabilities rated "moderate" risk and one rated "low" risk.
The new updates also are covered in Firefox 22.214.171.124. Mozilla has said it will end support for Firefox 2 in December.
Tuesday's fixes are also part of email client Thunderbird 126.96.36.199 and internet suite SeaMonkey 1.1.12.
See original article on scmagazineus.com
Firefox fixes holes with new release
By Dan Kaplan on Sep 25, 2008 10:01AM