July 21, 2009 8:26 PM PDT

Firefox 3.0.12 patches five critical problems

by Stephen Shankland
  • Font size
  • Print
  • 27 comments

Mozilla on Tuesday released Firefox 3.0.12, an update to the open-source browser that fixes five critical security vulnerabilities and fixes a handful of other bugs.

"We strongly recommend that all Firefox 3.0.x users upgrade to this latest release," Mozilla said on its developer blog. "If you already have Firefox 3, you will receive an automated update notification within 24 to 48 hours. This update can also be applied manually by selecting 'Check for Updates...' from the Help menu."

Version 3.0.12 fixes five critical problems and one high-level security problem, according to the Mozilla security advisory site.

Mozilla is trying to move people to the newer Firefox 3.5, which offers faster JavaScript program execution, new privacy features, and a handful of technologies geared for more powerful Web applications.

And Mozilla is pushing the new browser hard. Security and stability fixes for the 3.0.x series will end in January 2010.

Stephen Shankland writes about a wide range of technology and products, but has a particular focus on browsers and digital photography. He joined CNET News in 1998 and since then also has covered Google, Yahoo, servers, supercomputing, Linux and open-source software, and science. E-mail Stephen, or follow him on Twitter at http://www.twitter.com/stshank.
Topics:

Vulnerabilities and attacks

Tags:

Firefox,

security,

browsers

Share:
Digg
Del.icio.us
Reddit
Recent posts from Security
Q&A: Researcher Karsten Nohl on mobile eavesdropping
RockYou sued over data breach
Hacker Gonzalez pleads guilty in Heartland breach
Microsoft rebuts IIS vulnerability claims
More attacks expected on Facebook, Twitter in 2010
GSM crypto code cracked, engineer says
Web-based Lookout protects mobile devices, data
Hackers claim to crack Kindle copyright armor
Related
Firefox 3.5.6 patches critical security holes
Mozilla pushes back Firefox 3.6, 4.0 deadlines
Firefox, Adobe top buggiest-software list
First Mobile Firefox enters home stretch
Can Mozilla pull another Firefox with e-mail?
Could the Google train hurt Firefox?
Mozilla hopes to finish Thunderbird 3.1 in April
Using Facebook and Twitter safely
Add a Comment (Log in or register) (27 Comments)
  • prev
  • 1
  • next
by lennie22 July 21, 2009 8:36 PM PDT
since lately I have been seeing a lot of critical patches spew out for firefox....but I haven't seen any for IE8...whats going on? I demand an explanation right this minute.
Reply to this comment
by Vegaman_Dan July 21, 2009 9:44 PM PDT
Give it time. All browsers get updated. Safari, Chrome, and IE all will have updates too soon, I'm sure. All except Opera... but only because people forget it's even out there. :) (I kid! I kid!)
by Random_Walk July 22, 2009 7:10 AM PDT
* Microsoft saves theirs for Patch Tuesday, unless something really nasty hits before then

* Microsoft has a typically longer cycle to build a patch.

* Meanwhile, good luck ;)
by lennie22 July 22, 2009 9:16 AM PDT
but random...there has been multiple Patch Tuesdays and I don't remember getting any patches for IE8 except the ones for compatibility view....well lets see what this Patch Tuesday holds.
by Random_Walk July 22, 2009 10:59 AM PDT
Look up ActiveX, and get back to us ;)
by G-Skaf July 22, 2009 3:54 PM PDT
When you don't hear about something (IE vulnerabilites), it doesn't mean it's not there.
by jake3373 July 22, 2009 6:36 PM PDT
Okay, so if MS has a patch for a harmful bug on Thursday, they're going to wait until Tuesday to release it?
I wonder how many computers could be hacked in that time...

Another reason to not use IE
by santuccie July 23, 2009 11:37 AM PDT
@Penguinisto:

* The reason for Patch Tuesday is to give administrators a predictable cycle for deployment. This cycle occurs once a month, not once a year. Has Apple patched that six-month-old Java issue yet? It was patched months ago for Windows and Linux.

* Granted, there are more ActiveX vulnerabilities than anything else. But the vast majority of Windows users are adequately protected these days. Vista users are still protected out of the box, and three of the most widely used antivirus products include drive-by download protection (Norton, McAfee, AVG). Then there's Invincible Windows, sandboxing, etc. Conficker, probably the most successful worm to date, infected 9-15 million computers worldwide, out of 1 billion.

Vulnerability doesn't mean sitting duck, unless we have an Apple exploit (not that I want this to happen). I'm going to download OS X, and see if I can create a hackintosh in a virtual machine. I plan on testing Sandbox 2.2 for a kernel lockdown technique for the Mac. I would do this for Linux, but there are too many distros to test, and not enough users to justify it. And Linux is better protected than Apple, anyway.
by Spartan_458 July 21, 2009 10:05 PM PDT
I liked Firefox 3.5.....until every time I tried to use it, it gave me a low memory state error and ran terribly slow. I'm back on 3.0.12, and it works like a charm. I won't upgrade again until Mozilla fixes the problem.
Reply to this comment
by Draq Wraith July 21, 2009 11:38 PM PDT
Yeah the buffer overflow in the javascript engine seems to be plugged but now the PC runs sluggish. When i direct it to the MSNBC site i get nothing but sluggish page loads due to me still being on dial up.

Good luck fixing that!
D~W
by jaguar717 July 22, 2009 3:49 PM PDT
I don't know which is more of a ***, dial up or MSNBC.

At least they're both finally dying out.
by goodspeed8701 July 21, 2009 11:58 PM PDT
Use IE fire fox sux.
Reply to this comment
by lennie22 July 22, 2009 9:21 AM PDT
come on man, don't start that here, let them use whatever they want to use, if you use IE thats fine, I use IE8, if they use firefox, that's fine too.
by jake3373 July 22, 2009 6:37 PM PDT
If firefox sucks, use IE as a last resort. Chrome seems the best option for FF haters.
by TechnoMan475392 July 22, 2009 8:11 PM PDT
@ jake3373

That's because chrome is the anti-firefox. It's sparse, no add-ons, etc. I was a chrome person but then firefox got faster...and I like this special theme...
by vlk4n July 22, 2009 1:14 AM PDT
memory overflow problem in recent times has been trouble all browsers firefox per share it was also
Reply to this comment
by bongsi21 July 22, 2009 7:00 AM PDT
Firefox 3.5 is a good upgrade compared to the previous 3.0 version but the performance in opening the Firefox 3.5 got a little slow. I see a great future in the newest Opera 10 beta 2 browser a fast and stable program even though its on beta stage.
Reply to this comment
by July 22, 2009 9:25 AM PDT
i like windows 7
Reply to this comment
by jake3373 July 22, 2009 6:38 PM PDT
Me too, but I use FF
by jake3373 July 22, 2009 6:38 PM PDT
And Chrome
by vlk4n July 22, 2009 12:11 PM PDT
i like ubuntu or pardus
Reply to this comment
by faceless128 July 22, 2009 1:32 PM PDT
i like BeOS
Reply to this comment
by jscott418 July 22, 2009 1:36 PM PDT
I am off of Firefox for the time being. Too many crashes and web compatibility problems at times. I am trying Safari and Chrome. You know its nice to have plenty of browser choices. But is it me or is their not one browser out there anymore that just works on all sites? I seem to remember at least Internet Explorer worked. Now you need at least a couple browser in order to get those stubborn sites to work. Who should we blame for this? My take is that its the Web site designers because for the most part all the browsers brag about being web compliant. So why all the rendering problems?
Reply to this comment
by jake3373 July 22, 2009 6:40 PM PDT
If site designers followed standards, all sites would work in each browser (providing that the browser follows web standards, too. *cough IE cough* )
by BlitzBoy1120 July 23, 2009 10:36 AM PDT
All that's keeping Firefox from being the best is the lightness that Chrome has. All that's keeping Chrome from the best is the add-ons. And I doubt we will ever see an adblock add-on for Google Chrome unless it blocks everything but Google Ads... So go Firefox!
Reply to this comment
by dexter_birdbrain July 23, 2009 10:58 AM PDT
Kind of spooky to hear this (I mean so many bugs, security flaws) about Firefox. I lost count of the number of security updates that came out for Firefox 2.x. I think it went up to 2.0.0.19. Even Firefox 3.x went up to 3.0.0.11 after which came Firefox 3.5, finally. But I am still using it and convincing others to use it!
Reply to this comment
by Spribo July 23, 2009 11:47 AM PDT
I don't understand why Firefox 3 should be continued. I mean, Firefox 3.5 should be just an update to Firefox 3, not a "new browser".
Reply to this comment
(27 Comments)
  • prev
  • 1
  • next
advertisement

15 sites that went kaput in 2009

Web sites launch all the time, but they also shut their doors. We highlight 15 that bit the dust this year.

Top 10 news stories of the decade

Let the debate begin: Was the iPhone more important than iTunes? Was anything bigger than Google finding a great business model? CNET offers its list of the 10 most important stories of the '00s.

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET