Mozilla patches two security holes in Firefox 3.0.8

By on
Mozilla has released an updated 3.0.8 version of their flagship Firefox browser addressing two security holes rated as critical. The release came a bit earlier than expected, as the company rushed to fix not only the vulnerability used by security researcher “Nils” to win the Pwn2Own contest little over a week ago, but also a separate zero-day flaw disclosed last week on a public exploit site.

The first vulnerability involves Mozilla’s XML user interface markup language, XUL, while the second one relates to a problem with the XSL stylesheet that could be used to crash the browser during a XSL transformation. Both of these bugs could be triggered by tricking a victim into viewing a maliciously coded webpage, which would then allow an attacker to install and run unauthorized code on a victim’s computer. You can read more about this update in the official release notes or download Firefox 3.0.8 here.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.