Home › News › Security
Mozilla patches two security holes in Firefox 3.0.8
Mozilla has released an updated 3.0.8 version of their flagship Firefox browser addressing two security holes rated as critical. The release came a bit earlier than expected, as the company rushed to fix not only the vulnerability used by security researcher “Nils” to win the Pwn2Own contest little over a week ago, but also a separate zero-day flaw disclosed last week on a public exploit site.
The first vulnerability involves Mozilla’s XML user interface markup language, XUL, while the second one relates to a problem with the XSL stylesheet that could be used to crash the browser during a XSL transformation. Both of these bugs could be triggered by tricking a victim into viewing a maliciously coded webpage, which would then allow an attacker to install and run unauthorized code on a victim’s computer. You can read more about this update in the official release notes or download Firefox 3.0.8 here.
The first vulnerability involves Mozilla’s XML user interface markup language, XUL, while the second one relates to a problem with the XSL stylesheet that could be used to crash the browser during a XSL transformation. Both of these bugs could be triggered by tricking a victim into viewing a maliciously coded webpage, which would then allow an attacker to install and run unauthorized code on a victim’s computer. You can read more about this update in the official release notes or download Firefox 3.0.8 here.
Related Stories
Most Popular
| Trending | Featured |
-
iOS 5.1.1 untethered jailbreak tool released, supports 4S, iPad 3
-
After five days, Facebook ranks as worst IPO flop of the decade
-
Rumor: Windows 8 RC will launch June 1, will ship with Adobe Flash
-
Rumor: AMD "Piledriver" FX CPU production to begin Q3 2012
-
Diablo III becomes the fastest-selling PC game in history
Editors' CPU Picks
Subscribe to TechSpot
Get free exclusive content, learn about new features and tech breaking news.