Less than two years after its launch, Mozilla has marked the end of the road for the 3.0.x branch of Firefox with one last security update patching several vulnerabilities. Among the fixes in Firefox 3.0.19are five that Mozilla identifies as being "critical," four of which it also fixed in Firefox 3.6.2, and another one considered "high" risk.
Among them is a fix for crashes with evidence of memory corruption, as well as a remote code execution issue whereby XUL item memory is still being used even after it is freed by the browser. There are also fixes for a privilege escalation issue, and a pair of "dangling pointer vulnerabilities", which occur when a pointer is left alive when it was supposed to be closed by the browser. The flaws could potentially have enabled attackers to execute arbitrary code.
These updates are available from the Mozilla Firefox website or by using the automatic update check in the browser. That said, if you're still using 3.0.x or 3.5.x versions, you might want to consider upgrading to the latest 3.6.x branch.
Among them is a fix for crashes with evidence of memory corruption, as well as a remote code execution issue whereby XUL item memory is still being used even after it is freed by the browser. There are also fixes for a privilege escalation issue, and a pair of "dangling pointer vulnerabilities", which occur when a pointer is left alive when it was supposed to be closed by the browser. The flaws could potentially have enabled attackers to execute arbitrary code.
These updates are available from the Mozilla Firefox website or by using the automatic update check in the browser. That said, if you're still using 3.0.x or 3.5.x versions, you might want to consider upgrading to the latest 3.6.x branch.
Comments
Post a Comment