Firefox 2.0.0.13 Is Out

March 26th, 2008

A new version of Firefox, 2.0.0.13, has been released today. It can be downloaded manually directly from mozilla.com. It is also available for automatic download. If you are running Windows, click “Help -> “Check for Updates…” menu option. You must have Administrator privileges or else it will be greyed out.

The “Known Vulnerabilities in Mozilla Products” Web page shows the update details. Six vulnerabilities were fixed: two critical, two high, one moderate and one low, some of them referencing multiple CVE’s. For additional details, check the Mozilla web page.

The most relevant one seems to be MFSA 2008-14: “JavaScript privilege escalation and arbitrary code execution”. It is associated to three CVE identifiers. Thunderbird shares the browser engine with Firefox and could be vulnerable if JavaScript were to be enabled in mail. This setting is not turned by default and it’s usage is not recommended.

Share this item with others:

More on CyberInsecure:

Serious Security Flaw In Firefox 3.0.7, Exploit Already Available

Password Bug Fixed Sooner Than Expected in Firefox 3.0.3

New Firefox 3.0 Is Vulnerable To High-Severity Code Execution

Mozilla Fixes 12 Security Vulnerabilities In Firefox 2.0.0.15

Posted in Software |

Print This Post

This entry was posted on Wednesday, March 26th, 2008 at 4:12 am and is filed under Software. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

If you found this information useful, consider linking to it from your own website.
Just copy and paste the code below into your website (Ctrl+C to copy)
It will look like this: Firefox 2.0.0.13 Is Out

Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.