Firefox 3.0.8 Security Update to Fix Hackable Security Flaw
Article by George Norman
On 27 Mar 2009
Next week the Mozilla Foundation plans to make the Firefox 3.0.8 update available to the general public. This is a security update that is meant to address known security vulnerabilities that affect the browser running on all supported operating systems. The security holes in question could allow a person with malicious intent to install software on a targeted system – all without the user’s knowledge.

“The pwn2own bug that Nils discovered at CanSecWest 2009 and the XSLT vulnerability recently made public by Guido are both critical issues that can result in malicious code execution. These issues can be exploited by tricking a user into visiting a malicious web page hosting the exploit code. The pwn2own bug can be mitigated by disabling JavaScript. Both issues have been investigated and fixes have been developed which are now undergoing quality assurance testing. These fixes will be included in the upcoming Firefox 3.0.8 release, due to be released by April 1,” explains the Mozilla Security Blog.

Advertising

People keeping track of these things will remember that Nils is the mysterious computer science student from Germany that managed to hack three of the most popular web browsers out there (Safari, Firefox, IE8) during the 2009 PWN2Own competition, earning him a $15,000 reward. By accepting the prize money he effectively sold the vulnerability rights and consequently could not provide a in-depth look at the vulnerability that he exploited in Firefox. This is not the case with Guido Landi’s XSLT vulnerability, which has been published online. No known exploit is currently available in the wild.

You are very well advised to update your Firefox browser next week, when the update becomes available – we will make sure to keep you informed, so check back for updates. As always, there will be two ways for you to get Firefox 3.0.8:
1. Download the software and install it on your machine.
2. If you have Firefox 3.0 installed on your machine, click Help -> Check for Updates. The update will be rolled out automatically, but if you check for it you might get it a bit earlier.

UPDATE: Firefox 3.0.8 has been released - details here .



Tags: Mozilla, Firefox
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Firefox 3.0.8 Security Update to Fix Hackable Security Flaw
HTML Linking Code