Mozilla has released an update to the Firefox web browser that its developers say fixes a number of stability and security issues found in version 3.0.6 – three of which were rated critical. One of the most serious vulnerabilities fixed in Firefox 3.0.7 relates to crashes with evidence of memory corruption that could potentially be exploited to run arbitrary code.
Other critical flaws addressed in this update include one within the browser’s garbage collection process, involving improper memory management of a set of cloned XUL DOM elements, as well as bugs in the PNG library used by Firefox that could also create a possible way for hackers to inject malware onto vulnerable systems. Malware exploiting these bugs is yet to be seen in the wild but users are still advised to get the latest Firefox release. You can read a complete list of changes here.
In other Firefox-related news, Mozilla today said that the next major release will be known as Firefox 3.5, rather than 3.1 as originally planned, in order to better reflect the number of changes and new features in the often delayed update. The next beta release, which is due to arrive on March 12, will remain at 3.1 but the final release will become Firefox 3.5.