Daily cyber threats and internet security news: network security, online safety and latest security alerts
March 26th, 2008

Firefox Is Out

A new version of Firefox,, has been released today. It can be downloaded manually directly from It is also available for automatic download. If you are running Windows, click “Help -> “Check for Updates…” menu option. You must have Administrator privileges or else it will be greyed out.

The “Known Vulnerabilities in Mozilla Products” Web page shows the update details. Six vulnerabilities were fixed: two critical, two high, one moderate and one low, some of them referencing multiple CVE’s. For additional details, check the Mozilla web page.

The most relevant one seems to be MFSA 2008-14: “JavaScript privilege escalation and arbitrary code execution”. It is associated to three CVE identifiers. Thunderbird shares the browser engine with Firefox and could be vulnerable if JavaScript were to be enabled in mail. This setting is not turned by default and it’s usage is not recommended.

Share this item with others:

More on CyberInsecure:
  • Login And Password Stealing Trojan Masquerades As Firefox Plug-in
  • Serious Security Flaw In Firefox 3.0.7, Exploit Already Available
  • Password Bug Fixed Sooner Than Expected in Firefox 3.0.3
  • New Firefox 3.0 Is Vulnerable To High-Severity Code Execution
  • Mozilla Fixes 12 Security Vulnerabilities In Firefox

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Firefox Is Out

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.