- Related Stories
-
Symantec: Mozilla browsers more vulnerable than IE
September 19, 2005 -
New Firefox, Mozilla releases to fix bugs
September 14, 2005 -
Hackers work to exploit latest Firefox flaw
September 13, 2005 -
Unpatched Firefox flaw may expose users
September 9, 2005
Firefox 1.0.7 was issued late Tuesday, a representative said. A new Mozilla Suite 1.7.12, containing the affected Mozilla Web browser and other tools, will follow by the end of the week.
Symantec: Mozilla more vulnerable than IE
The releases were expected. A week ago, Mozilla said it would deliver new versions of the open-source software to tackle a number of flaws.
"We're strongly recommending all users upgrade to the latest version," Chris Beard, head of products for Mozilla, said on Wednesday. The organization is not aware of any public exploits for the flaws fixed in the update, he said.
The primary reason for the updates is to patch a vulnerability that was disclosed two weeks ago and that affects all versions of the Firefox and Mozilla browsers, Beard said. The flaw lies in the way the applications handle International Domain Names, or IDNs, which are Web addresses that use international characters. Hackers have apparently been working to exploit the flaw, which could let attackers run code remotely on vulnerable computers.
The patched software also addresses a problem that affects only the Linux versions of Mozilla and Firefox--an issue only made public on Tuesday. The security hole lies in the way the browsers handle Web addresses from other applications and could let an intruder gain control over a PC, according to the French Security Incident Response Team, or FrSirt.
Firefox 1.0.7 is available on the Mozilla Web site and will be pushed out through the update feature in Firefox in the coming days, Beard said. People will have to download the full new browser. The next version of Firefox--release 1.5, due by the end of the year--will have a better patching mechanism that will let people download just the fixes, he said.
Firefox has risen in popularity in recent years as a viable alternative to Microsoft's Internet Explorer. Although its market share slipped slightly recently, researchers estimate that between 8 percent and 9 percent of the Internet population uses the open-source browser. Mozilla itself estimates that between 40 million and 50 million people use Firefox.
Security has been a main selling point for Firefox over Internet Explorer. However, Firefox has had its own security woes. Numerous serious holes in the browser have been plugged since its official release. Earlier this week, security company Symantec said more bugs have been found in Mozilla browsers than in IE in the first six months of 2005.
See more CNET content tagged:
Mozilla Corp., Mozilla Web browser, Firefox, flaw, Web browser
What the report didn't say was how long both Mozilla and
Microsoft took to individually patch problems. It took an average
from both, making it six days.
Everyone knows how bias a security report from Symantec, who
needs customers to keep using buggy, slowly patched software
like IE rather than securer, quickly patched software like Firefox
was written.
The spin was unbelievable, and your reporting of it on here,
completely one sided, bias, and unforgivable.
Let?s see Microsoft or Symantec address a problem with their software that fast.
- I downloaded the new version
- by GoochieWoman September 22, 2005 6:28 AM PDT
- and boy do I have troubles now. It wont respond, there's a big bar across the bottom of the browser and after uninstalling, running registry cleaners and reinstalling, I'm getting the same thing over and over again...I guess I'm going to have to try Opera
- Reply to this comment
-
(5 Comments)