Mozilla Plugs Critical Security Holes in Older Firefox Versions
Personally I am the kind of user that immediately jumped on board when the final version of Firefox 3.6 was released late last month. If you’re like me, then you need to relax. Your browser is safe. But if you’re using Firefox 3.0 or Firefox 3.5 then you need to get the latest updates: Firefox 3.0.18 and Firefox 3.5.8.
The updates have been rolled out by Mozilla as part of its “ongoing security and stability update process.” You should receive an automated update prompt in the next day or so. If you just can’t wait, then you can always manually check for updates. Simply click the Help menu -> then hit Check for Updates.
Why would you want to update? As the release notes say (Firefox 3.0.18 here; Firefox 3.5.8 here), the update makes the browser a more stable and safer platform. For example Firefox 3.5.8 includes 5 security advisories out of which 3 carry the “critical” rating. The bulletins in question are:
MFSA 2010-03
Title: Use-after-free crash in HTML parser
Description: The HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called.
Credit: Alin Rad Pop of Secunia Research
MFSA 2010-02
Title: Web Worker Array Handling Heap Corruption Vulnerability
Description: Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. This error could be used by an attacker to corrupt heap memory and crash the browser, potentially running arbitrary code on a victim's computer.
Credit: Orlando Barrera II
MFSA 2010-01
Title: Crashes with evidence of memory corruption
Description: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
The updates have been rolled out by Mozilla as part of its “ongoing security and stability update process.” You should receive an automated update prompt in the next day or so. If you just can’t wait, then you can always manually check for updates. Simply click the Help menu -> then hit Check for Updates.
Why would you want to update? As the release notes say (Firefox 3.0.18 here; Firefox 3.5.8 here), the update makes the browser a more stable and safer platform. For example Firefox 3.5.8 includes 5 security advisories out of which 3 carry the “critical” rating. The bulletins in question are:
MFSA 2010-03
Title: Use-after-free crash in HTML parser
Description: The HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called.
Credit: Alin Rad Pop of Secunia Research
MFSA 2010-02
Title: Web Worker Array Handling Heap Corruption Vulnerability
Description: Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. This error could be used by an attacker to corrupt heap memory and crash the browser, potentially running arbitrary code on a victim's computer.
Credit: Orlando Barrera II
MFSA 2010-01
Title: Crashes with evidence of memory corruption
Description: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
