Week of Woes for Firefox Users [Updated]

Posted 11/30/07 at 01:56:42 PM | by Mark 'Marcus Soperus' Soper

Firefox 'Burns' Users with a Security Upgrade That Goes Bad

Some types of records shouldn't be broken, but this week, Mozilla appears to be on the verge of breaking its personal best: the shortest time between updates of its Firefox web browser.

What happened? Monday, Mozilla's Firefox 2.0.0.10 update fixed a cross-site scripting threat that used the jar (Java archive) Uniform Resource Locator which, when combined with a bug in Google's Gmail, allowed users to access other users' email address books. Ouch!

Unfortunately, 2.0.0.10 wasn't quite ready for prime time: websites that use the 'Canvas' HTML element to dynamically render bitmaps stopped working, and the FoxSaver and Fotofox extensions also were torpedoed.

Firefox 2.0.0.11 Fixes Bugs, Now Available

Coming, Release Candidate Available Now

Mozilla Firefox version 2.0.0.11 fixes these bugs. To get the final release as fast as possible, check the Firefox download page, as automatic updating may take a day or two once an update is released. Update: Firefox 2.0.0.11 is now available via the Firefox download page. Be sure to check the version number. As of early Friday afternoon, 2.0.0.10 was still the latest version listed. If you don't want to wait for the official release of version 2.0.0.11, you can grab the release candidate from the Mozilla FTP site. Here's the direct link to the US English 32-bit Windows version.

Got Firefox? Got QuickTime? Get (Extra) Security Problems

If that wasn't enough, users of Firefox (and other browsers) that rely on Apple QuickTime 7.3 or earlier as their default multimedia player need to watch out for rogue websites. Symantec reports that an as-yet-unfixed RTSP vulnerability in QuickTime could open users to malicious content, and that Firefox is more vulnerable than Internet Explorer 6, IE7, or Apple's Safari browsers.

Don't Use Firefox? Don't Get Smug

If you use QuickTime, you can get into trouble with any browser, or if you click on a link in an email that directs you to a rogue site. To protect yourself, think before you click!

COMMENTS:: 7
TAGS:: firefox, QuickTime, Mozilla, safer browsing

Comments

COMMENTS

oh yeah, kudos to MPC for
Submitted by soggybomb on Fri, 2007-11-30 16:59

oh yeah, kudos to MPC for staying on top of this

Login or register to post comments

2.0.0.11
Submitted by soggybomb on Fri, 2007-11-30 16:56

just installed update. extensions work again + bugs fixed. ironic, just after i read this i got the dialog box saying firefox downloaded update.

Login or register to post comments

I rebuff that
Submitted by Shalbatana on Fri, 2007-11-30 14:35

I rebuff that statement.

Firefox is never more vulnerable, because it's users are generally more aware and in touch with the browser community.

Knowing there is an issue means one can take steps to avoid it until a patch is provided.

Sure it's a theoretical argument, but I believe it's true. When was the last time an IE user said something like, "Hey I know there's an issue with IE and QT so I'll avoid using them together for now."

Login or register to post comments

This IE user.
Submitted by yagisencho on Fri, 2007-11-30 16:50

Hey, I know there's an issue with browsers and QT, so I'll avoid using them together for now.

There you go.

Smug -1

Login or register to post comments

Good thing
Submitted by popstop785 on Fri, 2007-11-30 14:06

Good thing I stay away from anything Apple. I never use quicktime. Hate it and I never install it. Good thing too :D

Login or register to post comments

Yeh, no doubt popstop, I
Submitted by Phosphorous on Fri, 2007-11-30 14:21

Yeh, no doubt popstop, I can't stand quicktime.

Login or register to post comments

Nobody's perfect
Submitted by Talcum X on Fri, 2007-11-30 13:46

Even tho we love our Firefox, it's still a product of human labor. We all have jumped the gun in our lives, every product has had it's bad days...so, we forgive you Mozilla, just learn from the mistake. :-D

**********
Every morning is the dawn of a new error.

Login or register to post comments

RESOURCE CENTER

MOST COMMENTED ARTICLES

NewsWindows 7, DirectX 11!

2 NEW COMMENT(S) | 37 TOTAL COMMENTS

ReviewsLeft 4 Dead

33 TOTAL COMMENTS

NewsNew Forceware 180.48 Drivers Released, Claims up to 80% Improvement, Enables SLI Multi-Monitor Support

28 TOTAL COMMENTS

FeaturesRip DVDs for Playback on Your iPhone, PSP, Xbox 360, PS3, AppleTV, or Any H.264-Enabled Player

2 NEW COMMENT(S) | 23 TOTAL COMMENTS

FeaturesA Maximum PC Thanksgiving: 17 Things That Make Us Thankful

1 NEW COMMENT(S) | 21 TOTAL COMMENTS

MOST RECENT COMMENTS

News"Kumo" As the New Name for Live Search Looks Even More Likely

2 NEW COMMENT(S) | 2 TOTAL COMMENTS

NewsMajority of Compulsive Gamers Not Addicted to Games: Game De-Addiction Expert

2 NEW COMMENT(S) | 2 TOTAL COMMENTS

NewsRockstar Rolls with SecuROM DRM for Grand Theft Auto IV on the PC

7 NEW COMMENT(S) | 7 TOTAL COMMENTS

NewsMicrosoft's WARP10 Will Let You Run DX10 on CPUs, Crysis at 7 FPS

6 NEW COMMENT(S) | 6 TOTAL COMMENTS

News$44 Gadget Turns Your Laptop Into a Tablet

1 NEW COMMENT(S) | 1 TOTAL COMMENTS

THIS MONTH's ISSUE

FEATURE Windows Tips: Find out what works and what doesn't as we test the most commonly prescribed Windows tipsHOW TO Customize and streamline your Windows desktop Core i7 Check out Intel's next-gen chip, up close and personal The Reactor We preview the first production-ready oil-immersed PC

Get your free trial issue

Maximum PC

Week of Woes for Firefox Users [Updated]

Firefox 'Burns' Users with a Security Upgrade That Goes Bad

Firefox 2.0.0.11 Fixes Bugs, Now Available

Coming, Release Candidate Available Now

Got Firefox? Got QuickTime? Get (Extra) Security Problems

Don't Use Firefox? Don't Get Smug

Geek Tested:

HARDWARE

PC

SOFTWARE

WINDOWS

CONSUMER ELECTRONICS

LINUX