Network News

X My Profile
View More Activity

Security Updates for Firefox, Opera Browsers

Mozilla has issued a new version of Firefox to fix multiple, serious flaws in the open-source browser, including at least five vulnerabilities that hackers could deploy on malicious Web sites to install malware if users visited the sites with vulnerable browsers.

The new versions of Firefox, v. 1.5.0.2, and v. 1.0.8, were issued as part of a massive upgrade that fixes 22 different security flaws in various Mozilla products, including the Thunderbird e-mail program and the Mozilla Suite.

If you are using Firefox 1.5 or later, you should receive a pop up window saying that an update has been downloaded and is ready to install. Firefox users who are still running the standard Firefox version (prior to 1.0.8 -- you can check which version by clicking on "Help" in the pull down menu and selecting "About Mozilla Firefox.") can update to v. 1.0.8 from Mozilla's FTP site.

I have the older version of Firefox installed on one of my PCs, and I have to say I like the newer model (v. 1.5.x) better (OK, I'm somewhat partial to the not-so-subtle auto-updating function.) Plus, this latest update seems to be playing especially nice with the Firefox extensions I have installed, whereas Firefox versions prior to 1.5.x always seem to need a day or two before some of my extensions work after an upgrade.

In other browser security news, Opera has released an update to fix a security hole that hostile Web sites could use to install unwanted programs on a user's machine. The latest version, 8.54, is available for download here.

By Brian Krebs  |  April 14, 2006; 7:07 AM ET
Categories:  New Patches  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: The Skinny on April's Batch of Microsoft Patches
Next: Problems With Latest Windows Patches

Comments

The new version of Firefox is v. 1.5.0.2. The digits were reversed in the comment.

Posted by: Patrick Baker | April 14, 2006 9:09 AM | Report abuse

How quickly were these flaws recognized and patched? Did Mozilla's open-source style live up to the expectation that it will respond to problems faster than Microsoft?

Posted by: Jay | April 14, 2006 12:17 PM | Report abuse

I cannot find any reference to an update for Thunderbird 1.5 on the products homepage. Nor does the "Check for Updates" function in Thunderbird come up with anything. I am wondering if the info on frsirt.com is totally accurate. They refer to Thunderbird version 1.5.0.2. I am not aware of any version more recent than 1.5.

Posted by: atomixca | April 14, 2006 1:03 PM | Report abuse

Atomixca -- Yes, the new version of Thunderbird hasn't yet been released -- it's supposed to be out right around now (mid-April). Check out this link for the changes coming in 1.5.0.2:

http://weblogs.mozillazine.org/rumblingedge/archives/2006/02/1-5-0-2.html

Posted by: Bk | April 14, 2006 1:11 PM | Report abuse

Hey, BK, how about an update on the status of the Microsoft "patches" released earlier this week? Go to the Windows Update newsgroup on Microsoft's web site and, holy moly, the number of problems created is mind boggling. The silence from Microsoft is deafening, except for one post, apparently from a MS techie, that gives a very technical fix involving going into the registry keys, something the average user like me cannot do safely. I did a system restore to get rid of the updates and, thus, had to turn off automatic updates (this is the first time any updates have caused me problems). I and am wondering if MS is planning to issue new versions or do something to help people like me. On the one hand, they are saying I am at severe risk if I don't have the updates, but if I install them it reeks havoc on my system. Any inside word on whether we can expect something from MS?

Posted by: David H. | April 14, 2006 1:35 PM | Report abuse

Speaking of update problems...
I see that Microsoft's patch support of WinXP SP1 expires "after September 2006".

According to HP, WinXP SP2 has never been tested on my 2002 computer. I suspect that SP2 poses a greater risk to my computer than going unpatched after September.

Posted by: John Johnson | April 14, 2006 3:59 PM | Report abuse

I have both new browser versions in my livecd Knoppix linux remaster:
http://rapidweatherlinux.blogspot.com
On another note, the patches to my Windows XP machine have caused lockups in Powerpoint 2003, part of Microsoft Office.

Posted by: Rapidweather | April 17, 2006 8:25 PM | Report abuse

i often use Cache View , with it You can open the cached files for viewing, and copy or move them out of the cache. It will even reconstruct the names and directory paths of the files for you.
http://www.yaodownload.com/internet-tools/browsers/cache-view/

Posted by: jack | April 23, 2006 9:49 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company