Saturday, March 28th 2009

Mozilla Firefox Updated to 3.0.8

Mozilla today released an important security update to Firefox. With sub-version 3.0.8, The browser has been patched for two critical security vulnerabilities, which are all that make it to this release.

The first vulnerability, titled "Arbitrary code execution via XUL tree element" could allow attackers to compromise a box by using a browser crash to run arbitrary code. The second one titled "XSL Transformation vulnerability" is where attackers get to use browser crashes caused by XSL stylesheets during XSL transformation, to run arbitrary code. For more information, refer to the Security Advisories page for Firefox. Existing Firefox versions will be updated to version 3.0.8 automatically by default. Firefox 3.0.8 can be downloaded from the Mozilla Website.
Add your own comment

33 Comments on Mozilla Firefox Updated to 3.0.8

#1
Mussels
Moderprator
rebuild any browser from the ground up, and more holes will appear.

If it was as simple as you say there'd be a lot of browsers with zero security holes... hmm, i cant find one.
Posted on Reply
#2
TheGuruStud
The only thing that needs to be scrapped and rebuilt fresh that we use is windows :)
Posted on Reply
#3
kiriakost
The most important issue with FF was, that it was started crashing two builds back.

3.0.7 and now 3.0.8 looks like good news , no more funny issues . ;)
Posted on Reply
#4
TheGuruStud
kiriakost said:
The most important issue with FF was, that it was started crashing two builds back.

3.0.7 and now 3.0.8 looks like good news , no more funny issues . ;)
Must be sporadic, I and no one I know have had any crashing problems since like v2 (java is an exception, but has been much better lately and IDK if FF is even to blame).
Posted on Reply
#5
kiriakost
Well i love FF for many years now , i do not use multiple plugins , just a skin and a spell checker .

It started crashing at 3.0.5 , i do not know if was Java , that it dislike it , or other cause .

What I do know is, that it runs good now 100% stable.
Posted on Reply
#6
Studabaker
TheGuruStud said:
The only thing that needs to be scrapped and rebuilt fresh that we use is windows :)
it happened, vista is as close as they could get to a complete ground-up rebuild without totally trashing any sort of legacy components. the problem is that they left us with the same shell, just a little updated and spiced up. with windows 7, not only is the infrastructure changed once again, but even the shell is new.
Posted on Reply
#7
mtosev
Mussels said:
rebuild any browser from the ground up, and more holes will appear.

If it was as simple as you say there'd be a lot of browsers with zero security holes... hmm, i cant find one.
the ones that are less popular have "less" security holes as less ppl exploit them.
Posted on Reply
#8
vagxtr
Haytch said:
I have to laugh at how unsecure Firefox is. Every update addresses security issues. Im not saying other browsers are better or worse, but you simply dont brag about something that was recently patched up to continue being used. Kinda reminds me of a punctured bicycle tyre.
It's Microsoft kinda scheme .... some people love it (updates) and some people hate it but it makes us all feel like someone is taking care of us.

Just wondering how plausible is to us that we first get introduced with somekind alien bugs that weren't there in previous major V2. And then we're on the road to updates. I personally can't believe that V3 introduced clean all cookies bug that is still there w/o clean cookies on close tickled in the options. Well, at least ff gets faster but unfortunately lacks some of it's original style w/o even they try to make some virtual same 'old school appearance' onatopp it's new engine.
Posted on Reply