Firefox 3.0.8 Security Update to Fix Hackable Security Flaw
Article by George Norman
On 27 Mar 2009
Next week the Mozilla Foundation plans to make the Firefox 3.0.8 update available to the general public. This is a security update that is meant to address known security vulnerabilities that affect the browser running on all supported operating systems. The security holes in question could allow a person with malicious intent to install software on a targeted system – all without the user’s knowledge.

“The pwn2own bug that Nils discovered at CanSecWest 2009 and the XSLT vulnerability recently made public by Guido are both critical issues that can result in malicious code execution. These issues can be exploited by tricking a user into visiting a malicious web page hosting the exploit code. The pwn2own bug can be mitigated by disabling JavaScript. Both issues have been investigated and fixes have been developed which are now undergoing quality assurance testing. These fixes will be included in the upcoming Firefox 3.0.8 release, due to be released by April 1,” explains the Mozilla Security Blog.


People keeping track of these things will remember that Nils is the mysterious computer science student from Germany that managed to hack three of the most popular web browsers out there (Safari, Firefox, IE8) during the 2009 PWN2Own competition, earning him a $15,000 reward. By accepting the prize money he effectively sold the vulnerability rights and consequently could not provide a in-depth look at the vulnerability that he exploited in Firefox. This is not the case with Guido Landi’s XSLT vulnerability, which has been published online. No known exploit is currently available in the wild.

You are very well advised to update your Firefox browser next week, when the update becomes available – we will make sure to keep you informed, so check back for updates. As always, there will be two ways for you to get Firefox 3.0.8:
1. Download the software and install it on your machine.
2. If you have Firefox 3.0 installed on your machine, click Help -> Check for Updates. The update will be rolled out automatically, but if you check for it you might get it a bit earlier.

UPDATE: Firefox 3.0.8 has been released - details here .

Tags: Mozilla, Firefox
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
By George Norman on 14 Aug 2017
Firefox Send works with any modern web browser (not just Mozilla’s own), it lets you safely send files up to 1GB in size, and using it is a fairly simple process, as you can see in this how-to guide.
By George Norman on 24 Jul 2017
As someone who has been using Firefox day-to-day for a very – VERY – long time, I’ve grown to know a lot about Mozilla’s web browser. As such, I thought it a good idea to share part of my knowledge with you and highlight 10 tips & tricks that I’m sure you’ll find very useful.
By George Norman on 02 Aug 2017
Voice Fill uses spoken language to enter queries into search engines. Notes is a built-in notepad that you can use to jot down ideas. And Send lets you send encrypted, self-destructing files over the internet.
By George Norman on 21 Jun 2017
Last fall, Mozilla released Firefox Focus, a fast mobile browser that blocks ads and trackers. Previously only available for iOS, this privacy-oriented browser is now available for Android too.
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Firefox 3.0.8 Security Update to Fix Hackable Security Flaw
HTML Linking Code