Firefox suffers first 'extremely critical' security hole

Spinner

Security researchers have warned that Firefox has unpatched "extremely critical" security holes and exploit code already circulating the Internet.

A patch is expected shortly, but in the meantime users can protect themselves by switching off JavaScript. In addition, the Mozilla Foundation has now made the flaws effectively impossible to exploit by changes to the server-side download mechanism on the update.mozilla.org and addons.mozilla.org sites, according to security experts.

The flaws were confidentially reported to the Foundation on 2 May, but by Saturday details had been leaked and were reported by several security organisations, including the French Security Incident Response Team (FrSIRT). Danish security firm Secunia marked the exploit as "extremely critical", its most serious rating, the first time it has given a Firefox flaw this rating.

Popularity comes at a price.

Source: Techworld

BlackHawk

Mozilla released v1.04 RC last night with the fixes.

Download link.

lemonlime

Thanks for the link BH, upgraded no problem..

BlackHawk

1.04 final is out.

Link

Rewired

I installed 1.0.4 right over 1.0.3. Is this normally ok to do?

Dexter

andfitchandyou wrote:

I installed 1.0.4 right over 1.0.3. Is this normally ok to do?

Yes. It just updates the program files without touching your personal settings like bookmarks and cookies.

Dexter...

Rewired

Mucho gracias.

danball1976

Running 1.0.4 right now.