Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The Firefox browser has been updated for four security flaws, three of which were rated as “critical”, according to Mozilla. “Mozilla has released a security advisory to address multiple vulnerabilities,” an advisory from US-CERT said. “These vulnerabilities may allow an attacker to execute arbitrary code, mislead users by spoofing a URL, or cause a denial-of-service.”Another update from Mozilla addressed problems in an older version of Firefox (3.0.14).In a post on the Mozilla blog, Nicole Loux, who is "public relations practitioner and messaging masseuse" for Mozilla, encouraged users to upgrade immediately.“We strongly recommend that all Firefox users upgrade to this latest release,” she wrote. “If you already have Firefox 3.5 or Firefox 3, you will receive an automated update notification within 24 to 48 hours.”The three “critical” vulnerabilities fixed in the new 3.3.3 version included a chrome privilege-escalation bug, which could be leveraged to run JavaScript code from web content with elevated privileges, and a vulnerability in which the columns of an XML User Interface Language tree element could be manipulated. An attacker could potentially use this vulnerability to crash a victim's browser and run arbitrary code on the victim's computer.Multiple errors in the browser and JavaScript engines were corrected so as to prevent crashes with memory corruption. Under certain circumstances, successful exploitation could permit a hacker to execute arbitrary code.With the updates, users will be notified if they are running a vulnerable version of the Adobe Flash Player, enabling them to avoid crashes, stability issues and other security problems. The new versions of Firefox 3.5.3 can be downloaded here.See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.