Page 2 of 11 FirstFirst 123456 ... LastLast
Results 11 to 20 of 102

Thread: Firefox updates

  1. #11
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Firefox v1.5 support ends today ...v2.0.0.4 set for release

    FYI...

    - http://preview.tinyurl.com/2mfox3
    May 29, 2007 (Computerworld) - "Mozilla Corp. will issue the last security update for its open-source Firefox 1.5 browser today (Wednesday). It will include an automatic update mechanism to give users the option of upgrading to the newer Firefox 2.0... Today's Firefox 1.5.0.12 will be the final security patch for the 18-month-old browser. Also due for delivery is Firefox 2.0.0.4... Firefox 2.0.0.4 will be posted here*, while Firefox 1.5.0.12 will be available from this page** of the Mozilla site. A list of the vulnerabilities*** patched by both updates will be posted sometime after 2.0.0.4 and 1.5.0.12 go live..."

    * http://www.mozilla.com/en-US/firefox/all.html

    ** http://www.mozilla.com/en-US/firefox/all-older.html

    *** http://www.mozilla.org/projects/secu...abilities.html

    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #12
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Arrow Firefox v2.0.0.4 and v1.5.0.12 released

    FYI - Firefox updates released...

    Use "Check for Updates" from an Admin account (>Help >Check for Updates... )
    -or-


    Download v2.0.0.4:
    - http://www.mozilla.com/en-US/firefox/all.html
    Download v1.5.0.12:
    - http://www.mozilla.com/en-US/firefox/all-older.html

    Fixes:
    - http://www.mozilla.org/projects/secu...s.html#Firefox

    -------------------------------------------------------------------
    Support for Mozilla Firefox 1.5 Extended Until Mid-May
    - http://www.mozillazine.org/talkback.html?article=21543
    April 24th, 2007

    Release Schedule
    > http://wiki.mozilla.org/Firefox:1.5....lease_Schedule
    22 May 2007

    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #13
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Arrow

    FYI...

    - http://blog.mozilla.com/webdev/
    "June 30, 2007 - The download controller was modified on Thursday to prepare for the release of the 1.5.0.12 -> 2.0.0.4 major update..."

    ...which was made available Sunday 7.1.2007.


    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #14
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Arrow Firefox v2.0.0.5 released

    FYI...

    - http://isc.sans.org/diary.html?storyid=3161
    Last Updated: 2007-07-18 05:46:09 UTC - "Earlier today, Mozilla Firefox 2.0.0.5 was released which has a number of bug fixes including a couple of privacy related bugs and a few security related ones. Mozilla's Forum* show many of the details of these fixes for those that would like to peruse until the release notes** are updated. You can download the newest version from mozilla.com or through its automated update facility."

    * http://forums.mozillazine.org/viewto...cc87b842eccaae

    Fixed in Firefox 2.0.0.5
    ** http://www.mozilla.org/projects/secu...firefox2.0.0.5

    Download:
    > http://www.mozilla.com/en-US/firefox/all.html

    ------------------------------

    - http://secunia.com/advisories/26095/
    Release Date: 2007-07-18
    Critical: Highly critical
    Impact: Cross Site Scripting, Spoofing, DoS, System access
    Where: From remote
    Solution Status: Vendor Patch...
    Solution: Update to version 2.0.0.5...

    - http://secunia.com/advisories/25984/

    .
    Last edited by AplusWebMaster; 2007-07-18 at 15:26.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #15
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation

    > http://www.mozilla.org/security/anno...sa2007-23.html
    "...Note: Other Windows applications can be called in this way and also manipulated to execute malicious code. This fix only prevents Firefox and Thunderbird from accepting bad data. This patch does not fix the vulnerability in Internet Explorer."
    ------------------------------

    - http://www.us-cert.gov/current/#mult...ozilla_firefox
    July 18, 2007

    Last edited by AplusWebMaster; 2007-07-18 at 20:05.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #16
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation

    FYI...

    - http://preview.tinyurl.com/ytjep2
    July 18, 2007 - (Mozilla Security Blog) - "Firefox 2.0.0.5 is now available and there is a fix for the URL protocol handling issue... We warned that other Windows applications may be vulnerable to this Internet Explorer issue, and on Sunday Nate Mcfeters, Billy Rios, and Raghav Dube posted a proof of concept that demonstrates the same attack through Internet Explorer to execute code in Trillian. Additionally, Thor Larholm says*..."

    * http://larholm.com/2007/07/18/firefo...explorer-flaw/
    July 18, 2007 - "... I can still automatically launch a wide range of external applications from Internet Explorer and provide them with arbitrary command line arguments. AcroRd32.exe (Adobe Acrobat PDF Reader), aim.exe (AOL Instant Messenger), Outlook.exe, msimn.exe (Outlook Express), netmeeting.exe, HelpCtr.exe (Windows Help Center), mirc.exe, Skype.exe, wab.exe (Windows Address Book) and wmplayer.exe (Windows Media Player) - just to name a few. I can categorically deny that this flaw has been fixed in Internet Explorer. Nicolas Robillard even detailed this flaw back in 2004 and it has remained unpatched since long before then..."

    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #17
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Arrow Firefox v2.0.0.6 released

    FYI...

    Firefox v2.0.0.6 released

    From an admin account, start Firefox, then >Help >Check for Updates
    -or-
    Download:
    > http://www.mozilla.com/firefox/all.html

    Release Notes
    > http://www.mozilla.com/en-US/firefox.../releasenotes/
    Release Date: July 30, 2007
    -------------------------------

    - http://blog.mozilla.com/security/200...now-available/
    30 July 2007 - "We’ve just released Firefox 2.0.0.6... The patch enables percent-encoding for spaces and double-quotes in URIs handed off to external programs. This reduces the risk of malicious data being passed through Firefox to another application that may then trigger unexpected and potentially dangerous behavior..."

    .
    Last edited by AplusWebMaster; 2007-07-31 at 16:18.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #18
    Former Microsoft MVP (RIP) siljaline's Avatar
    Join Date
    Oct 2005
    Location
    Montréal, Canada
    Posts
    50

    Default

    Thanks for the heads-up.

    Silj

  9. #19
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Arrow Firefox v2.0.0.7 released

    FYI...

    Firefox v2.0.0.7 released

    From an admin account, start Firefox, then >Help >Check for Updates
    -or-
    Download:
    > http://www.mozilla.com/firefox/all.html

    Release Notes
    > http://www.mozilla.com/en-US/firefox.../releasenotes/
    Release Date: September 18, 2007


    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #20
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Firefox v2.0.0.8 released

    FYI...

    Firefox v2.0.0.8 released

    From an admin account, start Firefox, then >Help >Check for Updates
    -or-
    Download:
    > http://www.mozilla.com/firefox/all.html

    Release Notes
    > http://www.mozilla.com/en-US/firefox.../releasenotes/
    Release Date: October 18, 2007

    - http://secunia.com/advisories/27311
    Release Date: 2007-10-19
    Critical: Highly critical
    Impact: Spoofing, Manipulation of data, Exposure of sensitive information, DoS, System access...
    Solution: Update to version 2.0.0.8.

    Last edited by AplusWebMaster; 2007-10-19 at 19:06.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •