Mozilla released an update to Firefox 3 on Tuesday that patches 12 security vulnerabilities, four of which it rated as critical.
Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
Updates for Windows, Mac OS X, and Linux are available at the Mozilla site (downloads in all languages are available here). Firefox 3 users will receive an update notification within 48 hours, or they can download the update manually by selecting "Check for Updates" from the Help menu.
The release comes as Mozilla prepares to release the fourth beta of Firefox 3.5--the next version of the open-source browser. Mozilla had originally planned to release its new "Shiretoko" version of Firefox in early 2009, after releasing Firefox 3.1 beta 3 last month, the organization behind the browser said a fourth beta is planned--and with the new version number 3.5.
In March, security testing company Secunia reported that Mozilla had more vulnerabilities in its Web browser last year than Internet Explorer, Safari, and Opera combined, but that Mozilla dealt with those flaws quicker than Microsoft.
Meanwhile, Firefox continues to chip away at Internet Explorer's market dominance. Mozilla now has 22.05 percent of the global browser market share, compared with IE's 66.82 percent, a drop of more than 7 percentage points in a year, according to figures from Web metrics company Net Applications.
In : Security
Tags: firefox 3 update vulnerability mozilla web browser