Today, Mozilla patched nine vulnerabilities including the Firefox portion of the Internet Explorer-Firefox flaw identified last week. That flaw occurs when IE passes malformed URLs from IE to another application such as another browser. Mozilla wrote, "this fix only prevents Firefox and Thunderbird from accepting bad data." And it stated in boldface, "this patch does not fix the vulnerability in Internet Explorer."
This security update also addresses known issues involving browser crashes, privilege escalation, and cross-site scripting vulnerability.
Current users of Firefox 2.0.0.4 or earlier will be automatically prompted to install the new version starting today. You can learn more about the update or download a fresh copy of Firefox 2.0.0.5 at the Mozilla site.
|