After hacker released to the public details about Firefox URI flaw Mozilla released new version of Firefox – 2.0.0.6 with following security issues fixed:

  1. Unescaped URIs passed to external programs
  2. Privilege escalation through chrome-loaded about:blank windows

First critical and second with moderate impact. Both connected with how Mozilla handle URI protocol.

Time to update again.

Release notes

Comments

Leave a Reply