Two security holes patched in Firefox 3.0.8

Correction and update:This post was updated at 1:53 p.m. with a corrected headline (the word "patched" was missing) and additional and winnowed information on the security holes.)

Mozilla published a critical security upgrade for Firefox Friday evening. Version 3.0.8 for Windows, Mac, and Linux fixes two security holes listed as "critical."

One patched an arbitrary code execution hole through an XUL element, and the other corrected an XSL stylesheet exploit. Both fixes patch crash-based security holes in which remote codes could have been run.

The release notes for Firefox 3.0.8 are available here.

[futtta]

Wouldn't "Two security holes fixed in Firefox 3.0.8" be more correct as title?

[angelod101]

I was thinking the same thing. misleading headlines = more page hits. Kind of lame.

[EveningStarNM]

angelod101 might be right, but I didn't bother to read the article after noting the erroneous title. I simply made a mental note that the author, Seth Rosenblatt, might not be paying close enough attention to what he writes. Professional authors should do better.

[goodspeed8701]

Wow... Well its the most secured browser. we are safe.

[ElArZ]

They are fixing bugs, that is much more secure then never finding any.

[Richimorton]

I hope your being sarcastic ! I got Hijcked using Firefox so often I had to do a complete Windows Re install & now I use IE8 - so far so good ...............................

[goodspeed8701]

Dont get me wrong guys.... Firefox thinks they are the most secured. Well they have an addon that will keep them more secured from clickjacking.

[michael_anand]

I thought the same thing futtta did: there are 2 MORE security holes in firefox 3.0.8

[rmva]

Is there a particular time that the media is not unobservant ? Oh, right. Mondays and Tuesdays.

[farker1]

The tone of this article is insane, and the headline is misleading. Sounds like it was written by MS.

[Magicland]

With all the people out of work, how come Seth Rosenblatt isn't one of them? Surely cnet can find someone capable of writing a coherent title, if not an entire coherent article.

[stufisch]

DITTO.

Headline Generator must have been give his/her severance package ... and replacement from Mumbai probably mis-translated ....

[keano12]

You know, you don't have to correct every little thing in this world people, God, don't you bratty Americans have any social life to think oh rather than trying to be perfect? Shish, perfectionists. No one's perfect in this reality we call life you know.

[keano12]

Oh and by the way, do you guys have the time to check your own comments? Because I read your comments and I saw more errors in it than what George Bush did to America. :) No offense. :) Ohhh Apple fanboy up there. :D

[cvaldes1831]

This is supposed to be a professionally-run media company, with writers, copyreaders, editors, etc.

These types of errors are sheer sloppiness, as if you went to a restaurant and the waiter dropped off uncooked beef instead of the charbroiled steak listed on the menu or were given a pint of bitters when you asked for champagne.

Above all, a technology media company needs to get security announcements right.

[rmva]

As much as it pains me, I am going to say something positive about cnet. Before the CBS takeover, everyone at cnet went home at 5 on Friday. Some really serious malware exploded on weekends. Now, at least, they sumarize the really important stories on weekends.

[logicbus]

I have to agree with earlier posters -- The title of this article makes it sound like version 3.0.8 has security holes. It made me think that Mozilla was in a position to quickly put together version 3.0.9. When I checked my version of Firefox and found that it was 3.0.7, I thought that maybe the headline was incorrect. Sure enough. It's an erroneous headline. It's a mistake, and I expected it to be fixed by now.

[whattaguy62]

You have to remember this is the same news operation that calls Katie Couric its top journalist.

[jmdsdf]

Misleading headline. Firefox is far more secure than Internet Explorer.

[goodspeed8701]

Wrong!!!

[SeizeCTRL]

You can't say WRONG without offering proof. Firefox does not tie directly into the OS so it's far more secure than IE.

[mirceacn]

"Two security holes in Firefox 3.0.8" - And this is how you get a bad rating in WOT plugin for Firefox...
EveningStarNM you are right (misleading headlines = more page hits)

Ok I'm going to read the news on softpedia

[mmpc1]

The only thing that has updated on my laptop is Firefox and I've had problems ever since. Had to go back to IE.

[Angmarr]

common 3.5 where r u ... scooby doo!!!!

[queticomn]

I love FireFox will never look at Ie or Chrome.

One thought though, i was trying to remember the last time Opera Software plugged a security hole on Opera browser?

I do not recall.