Firefox 3.6.3 Update Fixes "Critical" Security Issue
Firefox 3.6.3 Update Fixes "Critical" Security Issue
Posted 04/02/2010 at 12:07pm
| by Paul Lilly
6
Comments
Print
Mozilla on Thursday issued an update to Firefox bringing the current version to 3.6.3. The update fixes a "critical" security flaw that was exploited during the recent Pwn2Own contest.
"A memory corruption flaw leading to code execution was reported by security researcher Nils of MWR InfoSecurity during the 2010 Pwn2Own contest sponsored by TippingPoint's Zero Day Initiative," Mozilla said. "By moving DOM nodes between documents Nils found a case where the moved node incorrectly retained its old scope. If garbage collection could be triggered at the right time then Firefox would later use this freed object."
According to Mozilla, the contest winning exploit only affects Firefox 3.6 and not any previous versions of the popular open-source browser. However, the browser-maker said it will play it safe and soon issue a patch for Firefox 3.5 just in case there's another way of triggering the bug.
More like this
6
Comments
Comments are closed on this article
I Jedi
April 02, 2010 at 6:23pm
I honestly do not see what all the "fuss" is about, guys. Firefox has rarely crashed on me, and I've always been able to restore lost tabs do to a crash... Its always performed the task that I needed it to.
eMJayy
April 02, 2010 at 4:12pm
I'm not experiencing any crashes or other issues with Firefox running on Windows or Ubuntu Linux. Anyone having crash issues should take a closer look at their add-ons and plugins, especially flash. Most important of all, if you're using XP and it's been installed for more than a year, you need to either check the registry for errors or reinstall the OS. I suspect some of you are having registry error issues and don't know it yet.
og_greek
April 02, 2010 at 5:11pm
I've had my OS installed for 3 years now, and still going strong. You do not need to reformat every year.
DBsantos77
April 02, 2010 at 3:45pm
No kidding. I don't know but after 3.5 was released, FF went to crap.
-Santos
jtrpop
April 02, 2010 at 3:43pm
Firefox is the buggiest browser around right now. Constantly crashing and hanging. Do they want us to move to IE or Chrome?
Connect with MaximumPC
Featured Content
The gang discusses the GTX 690, Trinity, Ivy Bridge, Amazon, big-box stores, MMOs,...
This month's issue
Feature
Build a PC On Any Budget
Feature
Cloud Services Showdown
How-To
Encrypt Your External Drive
Build It
Upgrade an X58 Rig
Most Commented Articles
Latest Max PC Tweets
- maximumpc: Original RickRoll Video Returns to YouTube After 24-Hour Copyright Hiatus http://t.co/MaH9Sxyy1 day 10 hours ago
- maximumpc: Corsair has decided not to go forward with its $78 million IPO, citing weak equity market conditions http://t.co/A5a4DAzj1 day 10 hours ago
- maximumpc: Want to work at Maximum PC? Our Online Managing Editor, Alex, is moving away, so we need a new one. http://t.co/9Z7JCh0E3 days 7 hours ago
