Critical updates for Firefox released

Firefox has been updated to fix a major security flaw.  Updates have been released for Windows, Mac and Linux (being v.1.50.0.10 and 2.0.0.2).

The primary vulnerability addressed by this update is the location.hostname vulnerability.  It is a doozy, potentially allowing hackers to tamper with authentication cookies for third party sites, and control how Web sites are displayed and operate.  Phishers, in particular, would find this vulnerability very useful, because a user could be fooled into thinking they are connecting to their bank, when in fact it is a bad guy that is controlling what they see.

2.0.0.2 can be downloaded at www.getfirefox.com.  1.5.0.10 is available at http://www.mozilla.com/firefox/all-older.html

It should be noted that 1.5.0.x will only receive security and stability updates until 24 April 2007, then you're on your own.

Published Sat, Feb 24 2007 7:51 by sandi
Filed under:

Comments

# re: Critical updates for Firefox released

Friday, February 23, 2007 10:46 PM by Sonic

Thanks for your information. Despite being "Queen of IE", you are still willing to share the security information about Firefox. Well Done!