Mozilla has released a security update to Firefox 2, making it the second update this month. Firefox 2.0.0.6 is available through the built-in auto-update feature or as a standalone download.
One “critical” and one “moderate” vulnerabilities are patched in this update. The critical update is “Unescaped URIs passed to external programs” which is similar to the vulnerability that was found when IE 7 passed a malformed URI to Firefox.
The moderate vulnerability is “Privilege escalation through chrome-loaded about:blank windows”. This was dependant on add-ons creating about:blank windows.
Mozilla Firefox 2.0.0.6 Released
One “critical” and one “moderate” vulnerabilities are patched in this update. The critical update is “Unescaped URIs passed to external programs” which is similar to the vulnerability that was found when IE 7 passed a malformed URI to Firefox.
The moderate vulnerability is “Privilege escalation through chrome-loaded about:blank windows”. This was dependant on add-ons creating about:blank windows.
Related Posts: