Mozilla fixes bugs with first update to Firefox 2.0

By Elizabeth Montalbano, IDG News Service, 12/19/06
Mozilla Corp. has released the first update for the Firefox 2.0 browser to fix eight security vulnerabilities.

According to the company, release 2.0.0.1 of Firefox fixes flaws in memory corruption as well as the way the browser executes RSS (really simple syndication), Javascript and CSS (cascading style sheets) code, among other vulnerabilities. Mozilla also patched similar flaws in its Firefox 1.5 browser.
Five of the eight flaws were rated as critical, according to Firefox. A critical rating means a Firefox user would be vulnerable to attack and remote software installation on their machines just from browsing the Web in the usual fashion. Two of the flaws were rated as high, while one received a low security-risk rating, Firefox said.
Mozilla's advisory and information on the update can be found on the company's Web site.

Danish security firm Secunia ApS also posted information about the patches on its Web site.
Mozilla released Firefox 2.0, the second major update to its open-source browser, in October.