Firefox updates for security, user add-on control
Mozilla on Tuesday released Firefox 8, the latest iteration of its open-source web browser, which includes a number of new features and defense against seven vulnerabilities.
Four of the security flaws were rated as "critical" and are susceptible to drive-by downloads, meaning a victim's machine can be infected with malicious code merely by the user visiting a website. The other three bugs were deemed "important" and, if exploited, could result in sensitive data being stolen from users.
The more noticeable adjustments to the browser include a search box that accommodates queries across Twitter. In addition, the new version prevents the default installation of plug-ins distributed by third parties, a move that is designed to put more control into the hands of Firefox users.
"Third-party applications frequently install bundled add-ons into Firefox as part of their own installation process," explained an August blog post from Mozilla. "While some of these applications seek the user's permission beforehand, others install add-ons into Firefox without checking to make sure the user actually wants them."
The default installation of these plug-ins can slow down page rendering, clutter the browser window and lead to security issues, as these add-ons often aren't up to date on patches, Mozilla said.