Mozilla has published new versions of its Firefox web browser, fixing a number of security vulnerabilities, including two rated as critical that could allow attackers to inject malware onto PCs. Specifically, these critical flaws addressed in Firefox 3.0.2 include a crash bug that could result in memory corruption and another involving privilege escalation via XPCnativeWrapper pollution.
Two other moderate issues were addressed with the update, as well as a variant of a “click-hijacking” vulnerability first reported in Microsoft’s Internet Explorer a while back. Mozilla also patched similar flaws on Firefox 220.127.116.11, for those still using the earlier version of the browser. As usual, you can find the latest version in our downloads section or hit the Help menu and choose "Check for Updates" instead.