Page 9 of 9 FirstFirst ... 56789
Results 81 to 85 of 85

Thread: Firefox updated...

  1. #81
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,564

    Exclamation Firefox Support for XP and Vista

    FYI...

    Update on Firefox Support for Windows XP and Vista
    - https://blog.mozilla.org/futurerelea...-xp-and-vista/
    Dec 23, 2016 - "In approximately March, 2017, Windows XP and Vista users will automatically be moved to the Firefox Extended Support Release (ESR*).
    Firefox is one of the few browsers that continues to support Windows XP and Vista, and we expect to continue to provide security updates for users until September 2017. Users do not need to take additional action to receive those updates. In mid-2017, user numbers on Windows XP and Vista will be reassessed and a final support end date will be announced. In the meantime, we strongly encourage our users to upgrade to a version of Windows that is supported by Microsoft. Unsupported operating systems receive no security updates, have known exploits, and are dangerous for you to use. For planning purposes, enterprises using Firefox should consider September 2017 as the support end date for Windows XP and Vista. For more information please visit the Firefox support page**."
    * https://www.mozilla.org/en-US/firefox/organizations/

    ** https://support.mozilla.org/en-US/kb...s-xp-and-vista
    "... Firefox version 52 will be the last complete update for Windows XP and Windows Vista. Security updates will be released, but no new features... Firefox is one of the only browsers to offer any support for Windows XP and Vista. Microsoft itself ended support for Windows XP in 2014 and will end support for Windows Vista in 2017. Unsupported operating systems receive no security updates, have known exploits, and can be dangerous to use, which makes it difficult to maintain Firefox on those versions.
    Firefox security updates for XP and Vista users will continue until September 2017, although new features will not be offered. In mid-2017, a final support end date will be announced based on the number of users still on Windows XP and Vista..."

    > https://www.mozilla.org/en-US/firefo...nizations/faq/

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #82
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,564

    Exclamation Firefox 51.0 released

    FYI...

    Firefox 51.0 released

    Start Firefox, then >Help >About >Apply Update ...
    -or-
    Download: https://www.mozilla.org/en-US/firefox/all/

    Release notes
    - https://www.mozilla.org/en-US/firefo.../releasenotes/
    Jan 24, 2017

    Security vulnerabilities fixed in Firefox 51
    - https://www.mozilla.org/en-US/securi...fox/#firefox51
    Security vulnerabilities fixed in Firefox 51
    - https://www.mozilla.org/en-US/securi...s/mfsa2017-01/
    Critical
    CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP
    CVE-2017-5376: Use-after-free in XSL
    CVE-2017-5377: Memory corruption with transforms to create gradients in Skia
    CVE-2017-5374: Memory safety bugs fixed in Firefox 51
    CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7

    Firefox ESR 45.7: https://www.mozilla.org/en-US/securi...firefoxesr45.7
    ___

    - http://www.securitytracker.com/id/1037693
    CVE Reference: CVE-2017-5373, CVE-2017-5374, CVE-2017-5375, CVE-2017-5376, CVE-2017-5377, CVE-2017-5378, CVE-2017-5379, CVE-2017-5380, CVE-2017-5381, CVE-2017-5382, CVE-2017-5383, CVE-2017-5384, CVE-2017-5385, CVE-2017-5386, CVE-2017-5387, CVE-2017-5388, CVE-2017-5389, CVE-2017-5390, CVE-2017-5391, CVE-2017-5392, CVE-2017-5393, CVE-2017-5394, CVE-2017-5395, CVE-2017-5396
    Jan 25 2017
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 51.0 ...
    Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
    A remote user can gain elevated privileges on the target system.
    A remote user can bypass security controls on the target system.
    A remote user can obtain potentially sensitive information on the target system.
    A remote user can spoof a URL.
    Solution: The vendor has issued a fix (51.0, ESR 45.7)...

    Last edited by AplusWebMaster; 2017-01-25 at 11:08.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #83
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,564

    Exclamation Firefox 52.0 released

    FYI...

    Firefox 52.0 released

    Start Firefox, then >Help >About >Apply Update ...
    -or-
    Download: https://www.mozilla.org/en-US/firefox/all/

    Release notes
    - https://www.mozilla.org/en-US/firefo.../releasenotes/
    Mar 7, 2017
    New:
    - Added support for WebAssembly, an emerging standard that brings near-native performance to Web-based games, apps, and software libraries without the use of plugins.
    - Enabled multi-process Firefox for Windows users with touch screens
    - Added user warnings for non-secure HTTP pages with logins. Firefox now displays a “This connection is not secure” message when users click into the username and password fields on pages that don’t use HTTPS.
    - Implemented the Strict Secure Cookies specification which forbids insecure HTTP sites from setting cookies with the "secure" attribute. In some cases, this will prevent an insecure site from setting a cookie with the same name as an existing "secure" cookie from the same base domain.
    - Enhanced Sync to allow users to send and open tabs from one device to another...
    Changed:
    - Removed support for Netscape Plugin API (NPAPI) plugins other than Flash. Silverlight, Java, Acrobat and the like are no longer supported:
    > https://support.mozilla.org/t5/Probl...-no/ta-p/31069
    >> Migrated Firefox users on Windows XP and Windows Vista operating systems to the extended support release (ESR*) version of Firefox...

    [Corrections:
    > https://www.mozilla.org/en-US/firefo...-requirements/
    ... Windows
    Operating Systems (32-bit and 64-bit)
    Windows XP SP2
    Windows Server 2003 SP1
    Windows Vista
    Windows 7
    Windows 8
    Windows 10
    Please note that 64-bit builds of Firefox are only supported on Windows 7 and higher.
    Windows XP/Vista/Server 2003 are no longer supported by regular Firefox releases.
    These users should migrate to ESR 52..."
    [Direct download for Firefox Extended Support Release]:
    >> https://www.mozilla.org/en-US/firefo...nizations/all/
    ... which -is- the new -supported- version for for XP and Vista.]

    Firefox ESR Overview
    - https://www.mozilla.org/en-US/firefo...nizations/faq/

    Security vulnerabilities fixed in Firefox 52
    - https://www.mozilla.org/en-US/securi...fox/#firefox52
    Fixed in Firefox 52
    - https://www.mozilla.org/en-US/securi...s/mfsa2017-05/
    Critical
    CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
    CVE-2017-5401: Memory Corruption when handling ErrorResult
    CVE-2017-5402: Use-after-free working with events in FontFace objects
    CVE-2017-5403: Use-after-free using addRange to add range to an incorrect root object
    CVE-2017-5404: Use-after-free working with ranges in selections
    CVE-2017-5399: Memory safety bugs fixed in Firefox 52
    CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8

    - http://www.securitytracker.com/id/1037966
    CVE Reference: CVE-2017-5398, CVE-2017-5399, CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5403, CVE-2017-5404, CVE-2017-5405, CVE-2017-5406, CVE-2017-5407, CVE-2017-5408, CVE-2017-5409, CVE-2017-5410, CVE-2017-5411, CVE-2017-5412, CVE-2017-5413, CVE-2017-5414, CVE-2017-5415, CVE-2017-5416, CVE-2017-5417, CVE-2017-5418, CVE-2017-5419, CVE-2017-5420, CVE-2017-5421, CVE-2017-5422, CVE-2017-5425, CVE-2017-5426, CVE-2017-5427
    Mar 8 2017
    Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
    A remote user can cause denial of service conditions.
    A remote user can delete files on the target system.
    A remote user can bypass security controls on the target system.
    A remote user can obtain potentially sensitive information on the target system.
    A remote user can spoof a URL.
    Solution: The vendor has issued a fix (52.0)...

    * Firefox ESR 45.8: https://www.mozilla.org/en-US/securi...firefoxesr45.8
    ___

    - https://www.us-cert.gov/ncas/current...ecurity-Update
    Mar 7, 2017

    Last edited by AplusWebMaster; 2017-03-09 at 22:57.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #84
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,564

    Exclamation Firefox 52.0.1 released

    FYI...

    Firefox 52.0.1 released

    Start Firefox, then >Help >About >Apply Update ...
    -or-
    Download: https://www.mozilla.org/en-US/firefox/all/

    ESR download: https://www.mozilla.org/en-US/firefo...nizations/all/

    Release notes
    - https://www.mozilla.org/en-US/firefo.../releasenotes/
    March 17, 2017
    Various security fixes
    - https://www.mozilla.org/en-US/securi...#firefox52.0.1

    - https://www.mozilla.org/en-US/securi...refoxesr52.0.1

    > https://www.mozilla.org/en-US/securi...s/mfsa2017-08/
    Critical
    March 17, 2017
    Fixed in:
    - Firefox 52.0.1
    - Firefox ESR 52.0.1
    CVE-2017-5428: integer overflow in createImageBitmap()

    - http://www.securitytracker.com/id/1038060
    CVE Reference: CVE-2017-5428
    Mar 17 2017
    Version(s): 52.0; possibly prior versions...
    Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
    Solution: The vendor has issued a fix (52.0.1, ESR 52.0.1)...

    Last edited by AplusWebMaster; 2017-03-18 at 17:36.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #85
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,564

    Exclamation Firefox 53.0 released

    FYI...

    Firefox 53.0 released

    Start Firefox, then >Help >About >Apply Update ...
    -or-
    Download: https://www.mozilla.org/en-US/firefox/all/

    XP/Vista: 52.1.0 ESR download: https://www.mozilla.org/en-US/firefo...nizations/all/

    Release notes
    - https://www.mozilla.org/en-US/firefo.../releasenotes/
    April 19, 2017
    Fixed:
    Various security fixes:
    - https://www.mozilla.org/en-US/securi...fox/#firefox53

    - https://www.mozilla.org/en-US/securi...s/mfsa2017-10/
    Security vulnerabilities fixed in Firefox 53
    Critical:
    CVE-2017-5433: Use-after-free in SMIL animation functions
    CVE-2017-5435: Use-after-free during transaction processing in the editor
    CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
    CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS
    CVE-2017-5459: Buffer overflow in WebGL
    CVE-2017-5466: Origin confusion when reloading isolated data:text/html URL
    CVE-2017-5430: Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1
    CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1

    - https://www.mozilla.org/en-US/securi...s/mfsa2017-12/
    Security vulnerabilities fixed in Firefox ESR 52.1
    ___

    - http://www.securitytracker.com/id/1038320
    CVE Reference: CVE-2017-5429, CVE-2017-5430, CVE-2017-5432, CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5437, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5448, CVE-2017-5449, CVE-2017-5450, CVE-2017-5451, CVE-2017-5452, CVE-2017-5453, CVE-2017-5454, CVE-2017-5455, CVE-2017-5456, CVE-2017-5458, CVE-2017-5459, CVE-2017-5460, CVE-2017-5461, CVE-2017-5462, CVE-2017-5463, CVE-2017-5464, CVE-2017-5465, CVE-2017-5466, CVE-2017-5467, CVE-2017-5468, CVE-2017-5469
    Apr 20 2017
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 53.0 ...
    Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
    A remote user can obtain files on the target system.
    A remote user can spoof a URL.
    A remote user can access the target user's cookies (including authentication cookies), if any, associated with an arbitrary site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
    Solution: The vendor has issued a fix (53.0)...
    ___

    - https://www.us-cert.gov/ncas/current...curity-Updates
    April 19, 2017

    Last edited by AplusWebMaster; 2017-04-20 at 13:21.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •