Mozilla Plugs Critical Firefox Security Holes with Update


After Apple had released a patch to negate the IE/Safari carpet bombing vulnerability last month, Windows security blogger Billy Rios discovered a similar exploit, albeit using Firefox and Safari. Mozilla has made available an update for both Firefox 2 and Firefox 3 that negates this threat .

The earlier version of the open source browser was the first to be updated as the crucial Firefox security update became available on Tuesday (15th July) followed by the 3.0.1 patch for Firefox 3 the next day. In addition to tackling the carpet bombing threat, the updates have also fixed a vulnerability related to the browser’s CSSValue array data, and a minor Mac-only bug.

Around the web