Mozilla and Google Browser Updates: Firefox 3.0.6 and Chrome 1.0.154.48
This week in the browser world we see two of the major players put out updates for their most sought after products. The Mozilla Foundation has released Firefox 3.0.6 which is meant to make the browser safer and more stable, while Google has released Chrome 1.0.154.48, which is supposed to address a bug caused by the Chrome 1.0.154.46 update . It must be noted that both software products are seeing a market share increase, unlike Microsoft’s Internet Explorer which recently attained RC (Release Candidate) status.
Firefox 3.0.6, very much like the previous 3.0.5, is a security update, plugging a total of 6 security holes: 2 low, 1 moderate, 2 high and 1 critical. The vulnerabilities rated as high could allow an attacker to steal locally stored files with SessionStore, or use a chrome XBL method combined with window.eval to run a cross-site scripting attack (XSS). The critical vulnerability refers to the fact that memory corruption indications were discovered after browser crashes.
“As part of Mozilla Corporation’s ongoing security and stability update process, Firefox 3.0.6 is now available for Windows, Mac, and Linux for free download. We strongly recommend that all Firefox users upgrade to this latest release. If you’re still using Firefox 2.0.0.x, this version is no longer supported and contains known security vulnerabilities. Please upgrade to Firefox 3,” says Firefox Launch Coordinator, Samuel Sidler.
On the stability side, the update fixes, amongst other things, a problem experienced by some users when Firefox had been running for a long period of time – the browser failed to properly and correctly display certain parts of the screen.
Google, with Chrome 1.0.154.48 addresses a problem caused by the previous update. Engineering Program Manager, Jonathan Conradt explains: “The change in 1.0.154.46 to fix Hotmail caused a problem for users in Incognito mode trying to access sites which depend on the User-Agent header. This header identifies the type of browser making the request and should be part of every request, even in Incognito mode. This issue is now fixed.”
Firefox 3.0.6, very much like the previous 3.0.5, is a security update, plugging a total of 6 security holes: 2 low, 1 moderate, 2 high and 1 critical. The vulnerabilities rated as high could allow an attacker to steal locally stored files with SessionStore, or use a chrome XBL method combined with window.eval to run a cross-site scripting attack (XSS). The critical vulnerability refers to the fact that memory corruption indications were discovered after browser crashes.
“As part of Mozilla Corporation’s ongoing security and stability update process, Firefox 3.0.6 is now available for Windows, Mac, and Linux for free download. We strongly recommend that all Firefox users upgrade to this latest release. If you’re still using Firefox 2.0.0.x, this version is no longer supported and contains known security vulnerabilities. Please upgrade to Firefox 3,” says Firefox Launch Coordinator, Samuel Sidler.
On the stability side, the update fixes, amongst other things, a problem experienced by some users when Firefox had been running for a long period of time – the browser failed to properly and correctly display certain parts of the screen.
Google, with Chrome 1.0.154.48 addresses a problem caused by the previous update. Engineering Program Manager, Jonathan Conradt explains: “The change in 1.0.154.46 to fix Hotmail caused a problem for users in Incognito mode trying to access sites which depend on the User-Agent header. This header identifies the type of browser making the request and should be part of every request, even in Incognito mode. This issue is now fixed.”
