Critical flaws squashed in Firefox update

Mozilla has released an update to its Firefox Web browser that repairs a dozen security vulnerabilities, five of which are deemed "critical."

The most serious of the bugs could be exploited by miscreants to hijack vulnerable systems, Mozilla said Thursday. The company, which oversees Firefox development, has published security advisories for each of the flaws repaired by the Firefox update.

"Firefox 1.5.0.4 is a security update that is part of our ongoing program to provide a safe Internet experience for our customers," Mozilla said on its Web site. "We recommend that all users upgrade to this latest version."

Security monitoring company Secunia deems the Firefox issues "highly critical," one notch below its most severe rating.

The latest Firefox update comes a month after the previous security fix release for the popular open-source browser. Users of Firefox 1.5 or newer, released last November, will receive the patches automatically.

While the security flaws may affect the earlier 1.0 versions of Firefox, Mozilla is not providing security updates for those releases. "1.0.8 is the last update for the 1.0.x line of Firefox," a company representative said. All users are advised to upgrade to the 1.5.0.4 version. The 1.0.8 version came out in April.

[Riyan.M]

So much for the 'secure' browser!

So much for the 'secure' browser!

[dysonl]

Who ever said it was 100% Secure?

Don't blame anyone else but your brain for not able undestanding the simple difference between "more secure" and "totally secure".

[Joe Bolt]

I'm still waiting for the apologies

"So much for the 'secure' browser!"

Well put, Riyan. I'm sure you noticed how the smug crowd who used to crawl out of the woodwork every time an IE flaw was discovered are strangely silent these days. What they conveniently overlooked in Firefox's early days is that it was so "secure" simply because no hacker worth his salt gave a damn about some browser holding a whopping 5% of the market. Why bother?

Of course, the exact same parallel is true with the Mac crowd. The latest virus hits the PC scene and look out, here they come! "We don't have viruses on Macs, ha-ha-ha!" Again, who would bother trying to hack a computer that garnered a staggering 5% of the computer market? But, like the Firefox story, these same people became strangely silent once some bored hackers decided to take the Mac out for a spin and proved it's as penetrable as the rest of them.

Now, in the past, that's all I would have said on the subject. But with the New Politically-Based C-Net, with its not-so-obvious left-wing slant, it seems only 'right' to put a politcal angle on things. And here it is:

Any Democrats using Firefox or Macs should be thrilled at the news that their pet browser or OS is now as vulnerable to attacks as IE and Windows are. Isn't that the core of the Democratic party, socialism and a level playing field?

[balihoo2]

Security point

Ok, having been in I.T. for the past 11 years I have see a lot. I have seen Windows hacked, Unix hacked, and Mac OS hacked. I've seen IIS brought to its knees by DoS attacks. I have also see the same with Apache. Bottom Line: They all can be hacked or cracked or somehow broken into. PERIOD!!

If someone wants in, they will get in, I don't care what you use. I use both Firefox and IE, Firefox is my primary browser. I use it because I like it, it can be costumized just how I like it.
It's fun to work with, and I just plain like it. Besides, has anyone looked at IE 7, it looks remarkably like Firefox.

Bottom line gentlemen and ladies(if any have posted) Use want you want, and let the rest of us use what we want. And remember, all software has bugs, whether they be security or otherwise.

[System Tyrant]

And...

you notice that when you make a good point that doesn't take sides nobody wants to comment. It's no fun if you can't bash somebody else's opinion.

o_O