Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The advisory also contained two fixes with a 'High' rating, two listed as 'Moderate', and four minor vulnerabilities. Some of the issues are so severe that firms are being urged to automatically, or if necessary, manually update all their users to the newest version of the browser.One of the fixes is for corrupted memory code that could be exploited to run arbitrary code. A problem with the way that JavaScript might be exploited within mail applications has also been discovered."We strongly discourage users from running JavaScript in mail," Mozilla advised in response to the flaw. "Without further investigation we cannot rule out the possibility that for some of these an attacker might be able to prepare memory for exploitation through some means other than JavaScript such as large images."The advisory recommends that JavaScript be disabled until a version containing these fixes is available.Other issues relate to compatibility problems with emerging technologies from rival firms. "Some web pages (such as mlb.com) do not properly detect if Silverlight is installed and will not function properly," the advisory warns. Mozilla is expected to launch a full, new version of the browser later this week. Firefox 3.0.9 is now available for Windows, Mac, and Linux users as a free download from getfirefox.com.