Firefox 2.0.0.8
Unlike 2.0.0.7, Firefox’s new update is highly recommended to fix the crashes that many users have reported.
Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
The security issues that were fixed are as follows:
- URIs with invalid %-encoding mishandled by Windows
- XPCNativeWrapper pollution using Script object
- Possible file stealing through sftp protocol
- XUL pages can hide the window titlebar
- File input focus stealing vulnerability
- Browser digest authentication request splitting
- onUnload Tailgating
- Crashes with evidence of memory corruption (rv:1.8.1.8)
To update your Firefox installation, Click Help>Check for Updates.
Firefox should pick it up and install it after a few seconds.
Tags: free-software