Users are encouraged to update to Firefox 220.127.116.11 to address the flaws, the most serious of which include a location.hostname vulnerability disclosed in mid-February by researcher Michal Zalewski, and a critical memory corruption bug that can lead to crashes.
"Due to the security fixes, we strongly recommend that all Firefox users upgrade to these latest releases," Mozilla representatives wrote on their development site.
Mozilla worked quickly to fix the flaw discovered by Zalewski, said Mike Schroepfer, vice president of engineering at Mozilla.
"Thanks to the work of our contributors, we have been able to address these issues quickly in order to minimise the security risk to Firefox users," Schroepfer said in a statement.
Mozilla update fixes Firefox security flaws
By Ericka Chickowski on Feb 27, 2007 5:09AM