Network Security, Patch/Configuration Management, Vulnerability Management

Firefox fixes security holes with release of 3.0.2

Mozilla late Tuesday pushed out a security update to its Firefox browser to repair seven flaws deemed "critical," meaning they could be exploited to launch attack code to install malicious software on victims' machines.

In total, Firefox version 3.0.2 corrects 12 vulnerabilities.

The critical bugs involve a memory corruption issue in the browser engine, according to a Firefox advisory, and a privilege escalation problem in XPCNativeWrappers, according to a second advisory.

The latest version also rectifies four vulnerabilities rated "moderate" risk and one rated "low" risk.

The new updates also are covered in Firefox 2.0.0.17. Mozilla has said it will end support for Firefox 2 in December.

Tuesday's fixes are also part of email client Thunderbird 2.0.0.17 and internet suite SeaMonkey 1.1.12.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.