Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Mozilla Firefox Updates - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Mozilla Firefox Updates

Earlier today,  Mozilla released the newest version of Firefox.  

Firefox 3.6.4 corrects 7 vulnerabilities which range from critical issues such as denial of service or arbitrary code execution bugs along with a few lower level issues.  The full list of vulnerabilities corrected is located in the release notes.  In addition, this release of Firefox provides much better handling of plugin crashes.  Should a plugin crash or freeze while viewing a website, Firefox now allows the plugin to crash without taking down the entire browser.  This is a very useful feature for those of us who keep many many tabs or windows open during the course of the day and get very irritated when you open that one website that has some odd flash or quicktime media that causes the plugin to abnormally end.  YAY!

Firefox 3.5.10 also was released and corrects for 9 vulnerabilities of which 6 are rated as critical. The 3.5.x tree of Firefox will continue to receive security updates for 2 more months, so it is time to prepare to jump to 3.6.x very soon.  More details on the security issues are listed in the release notes.

Thanks to all of our readers who were on top of these releases tonight and alerted us of them.

Scott Fendley -- ISC Handler on Duty

ScottF

188 Posts
ISC Handler
As a Pennsylvania public library district, we are required, by both law and some of our grant restrictions, to offer semi-filtered internet (adult content and the like), even on staff machines. As such, we set Internet Explorer to go through a proxy filter. We then offer our staff the use of Firefox as their "Unfiltered" alternative. With this latest install, here in the IT department, it's easy to see that FireFox 3.6.4 has changed the default proxy setting to "Use system proxy settings."

Be warned, if your users "can't get on the internet" - check the proxy settings: Tools, Options, Advanced, Network Tab, Settings.

-GarrettC
Anonymous

Sign Up for Free or Log In to start participating in the conversation!