Firefox updates for security, user add-on control

Share this article:

Mozilla on Tuesday released Firefox 8, the latest iteration of its open-source web browser, which includes a number of new features and defense against seven vulnerabilities.

Four of the security flaws were rated as "critical" and are susceptible to drive-by downloads, meaning a victim's machine can be infected with malicious code merely by the user visiting a website. The other three bugs were deemed "important" and, if exploited, could result in sensitive data being stolen from users.

The more noticeable adjustments to the browser include a search box that accommodates queries across Twitter. In addition, the new version prevents the default installation of plug-ins distributed by third parties, a move that is designed to put more control into the hands of Firefox users.

"Third-party applications frequently install bundled add-ons into Firefox as part of their own installation process," explained an August blog post from Mozilla. "While some of these applications seek the user's permission beforehand, others install add-ons into Firefox without checking to make sure the user actually wants them."

The default installation of these plug-ins can slow down page rendering, clutter the browser window and lead to security issues, as these add-ons often aren't up to date on patches, Mozilla said.

The new version of the browser replaces Firefox 7, which was released less than two months ago. Meanwhile on Tuesday, both Microsoft and Adobe issued fixes to their software products.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.