February 2, 2006 11:15 AM PST

Security update out for Firefox 1.5

Related Stories

IE 7 bugs abound

February 1, 2006

Microsoft releases IE 7 beta to public

January 31, 2006

Unpatched Firefox 1.5 exploit made public

December 8, 2005
Mozilla on Wednesday released an update for Firefox 1.5 that fixes several security flaws and makes other changes aimed at improving the open-source Web browser.

The update, Firefox version 1.5.0.1, patches a total of eight security vulnerabilities. One is deemed "critical" by Mozilla, four are rated "moderate" risk, and three are tagged "low" risk. The more serious flaws could let an attacker take over a system running a vulnerable version of Firefox, according to Mozilla's security alerts.

Among the issues tackled is a problem disclosed late last year, which concerns Web pages with an extremely long title that could cause Firefox to crash.

Security monitoring company Secunia rates the Firefox update "highly critical." Mozilla recommends that all users switch over to this latest version, according to the Firefox update release notes.

Aside from the security fixes, the update delivers improved stability and support for the Mac OS X platform, according to the release notes. Users of Firefox 1.5, first released last November, can upgrade to the new version using the automatic update feature, or it can be manually downloaded from a Mozilla site.

16 comments

Join the conversation!
Add your comment
FireFox 1.5 bugs abound
Oh wait.....C|net wouldn't say that
Posted by itworker--2008 (130 comments )
Reply Link Flag
bugs abound
Bugs abound in every software piece. What is your point?
Posted by mjm01010101 (126 comments )
Link Flag
You just KNOW about these bugs, for a change.
Other vendors probably wouldn't even tell you about the low-priority bug fixes.
Posted by (54 comments )
Reply Link Flag
Mozilla (c)1998-2006
eight years in making and still not bug free, and they claim MS software are bug,

fraud people!
Posted by (128 comments )
Reply Link Flag
The Price of Being Successful
As more and more users are attracted to Firefox, this browser will be targeted by hackers. This is the same problem with Internet Explorer. No matter how good you are at security matters, there is always someone out there looking for an open door to get in and plant malicious codes.

The good thing about Mozilla's people is that they recognize the problem and adopt immediate action. I'm sure this will not be the last upgrade to Firefox because of security concerns and that's good for us.

On the other hand, Microsoft has been known to drag their feet releasing patches to fix security vulnerabilities. That's the main difference between both camps. I still think Firefox rocks.
Posted by epiac1216 (23 comments )
Link Flag
WHAT??
You mean firefox has security flaws just like internet explorer? I guess this means all you firefox fans can take your browser off its pedestal and stop crying about internet explorer.
Posted by blaineg (5 comments )
Reply Link Flag
Everything has security problems and bugs
Every piece of software can and does have security problems. Especialy as complex apps as browsers. The more complex the thing is and the more features it has the higher the possibility for bugs and also security problems. The important difference between IE and Firefox is that IE is way too much integrated into operating system and problems have larger effect on the whole system. Another difference is that Firefox developer have so far been a lot quicker to fix security problems and release patches. And if you look at Secunia web page you can see that currently IE has 21 known and unpatched security bugs and the highest rating is Extremely Critical. On the other hand Firefox now has 3 known unpatched security bugs and the highest is rated as Less Critical.
Posted by JLP (38 comments )
Link Flag
The number of bugs is a non-issue
It doesn't matter if Firefox has flaws. or how many flaws in firefox or Internet Exploder. It's how fast and frequent the fixes are released. IE is a thumbs down when it comes to this. Firefox is a clear winner. It's open-source, that's why is much better. Transparency...
Posted by wakizaki (44 comments )
Link Flag
Firefox is Still Superior
unless you browse the web like grandpa. In that case, stick with IE and keep posting idiotic Firefox-bashing comments like the ones you see here.
Posted by dysonl (151 comments )
Reply Link Flag
Crash, Crash, Crash
While I love Firefox, I must say its updater must be pretty darn buggy. It decided to update me automatically to 1.5.1, which crashed my computer. My server, which has Firefox on it, also crashed after Firefox attempted to update itself. I'm afraid other servers/computers may go down... so be careful! Try updating manually to prevent possibly losing your work!

Note: My computer came up fine after it crashed and I haven't had any problems since the update attempt. Firefox apparently updated itself successfully, but unfortunately the crash occurred as well. So, it's not ruining computers, but it sure does seem to be dangerous for anyone with servers running the software 'cause they may go down.

-Auri Rahimzadeh
Author, Hacking the PSP
www.hackingpsp.com
Posted by AuriRahimzadeh (17 comments )
Reply Link Flag
Hardware problem maybe
It is very strange that some relatively simple thing as automatic update would crash the entire system or something like Linux kernel. I have updated Firefox using AU on several computers I administer or own and all went without a problem (If I don't count that partial update was not working for users with Slovenian Firefox). In my experience with unusual crashes like this it was almost always hardware that was at. I would check out memory first. First use a program like memtest86+ and also try to exchange memory modules if needed.
Posted by JLP (38 comments )
Link Flag
Very Interesting
I just went through 83 flawless updates on the systems I control. 83 out of 83 and not one problem with updating. 4 of which were servers. Perhaps you are running something that conflicts. All I know is I have had zero problems with the latest update from FireFox.

IE7b2 on the other hand will not install on my test machine which had IE7b1. I was told to remove IE7b1 which I then did, went to install IE7b2 again, which failed and has failed every time I have tried. I cannot install IE6 or IE7b1 on my test machine because it tells me I have a newer version of IE. Yet when I go to program files\internet explorer\ there are no files in it. Just an empty folder with an empty ICW folder. So I now have a system with no IE. While many might find that a nice thought, I still require IE for some things. Looks like re-imaging time.
Posted by SeizeCTRL (1333 comments )
Link Flag
Let's Get Real
As U was reading the article, Firefox informed of the update, downloaded the update, installed the update, re-started the browser. My only complaint was it didn't bring me back to the page I was reading.

FireFox is faster than IE, fixes any issues faster than IE, is safer than IE. As long as IE is built on Active-X, Firefox will always be safer. If you install the NoScript Extension, than it's 1000% safer than IE.

I am not surprised there are issues with FireFox or any software program. It's how they are addressed and the fixes deployed that makes a difference. and by the way FireFox Rocks.....
Posted by Classic Software (15 comments )
Reply Link Flag
Firefox---What is There to Add?
Recieved the update for Firefox yesterday. What is there to add, to such a secure computing experience as Firefox provides? IE will probably never match Firefox when is comes to themes and extensions, to customize the browser experience. So far, they are about a thousand themes and extensions behind. If Microsoft desires to play catch-up with Firefox, they've got a long way to go.
Posted by Michael G. (185 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.