Mozilla rushing out update for Firefox flaws
Mozilla hits the "fire drill" button, and rushes out an update for a pair of flaws.
Mozilla is to release a "high-priority fire drill security" update for its Firefox browser, after two flaws were discovered.
The patches will be released either 30 March or April as part of the next edition of the browser, Firefox 3.0.8 which is being rushed out because of the flaws.
The vulnerabilities at issue are the Pwn2Own flaw discovered at CanSecWest, as well as the XSLT bug. Mozilla described both as critical issues that allow malicious code execution. "These issues can be exploited by tricking a user into visiting a malicious web page hosting the exploit code," Mozilla said on its security blog.
"Both issues have been investigated and fixes have been developed which are now undergoing quality assurance testing," Mozilla added.
Mozilla faces renewed competition from Microsoft with the recent release of Internet Explorer 8, but Firefox still came out tops in our four-way browser beta test.
Sign up today and you will receive a free copy of our Future Focus 2026 report - the leading resource for IT decision-maker insight on priorities and investment areas in AI, security and more.
Freelance journalist Nicole Kobie first started writing for ITPro in 2007, with bylines in New Scientist, Wired, PC Pro and many more.
Nicole the author of a book about the history of technology, The Long History of the Future.
-
Amazon OpenSearch update targets performance boosts and lower costsNews Surging data volumes have prompted an overhaul of Amazon’s OpenSearch service
-
Cyber experts say they've identified the first case of ‘agentic ransomware’News While the JadePuffer ransomware has alarm bells ringing, it still needed a human in the loop
-
Spanish spyware outfit uncovered, develops exploits for Windows, Chrome, and FirefoxNews Google was only able to discover the company after an anonymous submission was made to its Chrome bug reporting programme
-
Firefox 95 boosts protection against zero-day attacksNews Mozilla's browser now takes a more granular approach to walling off code
-
Mozilla to end support for Firefox Lockwise password managerNews Replacement service already lined up as browser specialist continues to streamline business
-
Firefox available on Microsoft Store for first timeNews Gecko-based browser arrives after Microsoft removes restrictions
-
Mozilla to cut 250 jobs as part of major coronavirus restructureNews The reorganisation has been made so the company can become faster, more innovative, and find more revenue streams
-
Why I’m leading a browser double lifeOpinion There are benefits to using more than one browser
-
Mozilla re-hires veteran Mitchell Baker to serve as CEONews The interim chair and CEO formally rejoins the organisation after Chris Beard stepped down in December 2019
-
Mozilla fixes two Firefox zero-days being actively exploitedNews Critical vulnerabilities allow attackers to execute arbitrary code or trigger crashes