Network News

X My Profile
View More Activity

New Firefox Version Fixes 7 Security Holes

Mozilla this week pushed out a new version of its Firefox Web browser to mend at least seven security holes in the program, including at least four flaws that attackers could use to install software on vulnerable computers.

Firefox version 1.5.0.7 patches several serious security vulnerabilities, including a potential threat to the security of the browser's automatic update functionality, as well as one demonstrated last month that could allow bad guys to fool the browser into accepting perfectly forged digital certificates of the sort typically used to verify the authenticity of a secure Web site or digitally signed e-mail.

If you are using any version of Firefox 1.5, the browser should download and install the update automatically, and alert you that a restart of the browser is needed. If you are using an older version of Firefox, it's time to uninstall the old version (might want to back up that profile first) and upgrade to the latest version.

By Brian Krebs  |  September 16, 2006; 9:31 AM ET
Categories:  New Patches  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Zotob Worm Authors Behind Bars
Next: Newly Detected IE Exploit Spells Massive Spyware Trouble

Comments

Thanks for the Firefox update info but I no longer see the "[check here] to prevent software installaion" option.

Am I missing something basic here?

Ed

Posted by: Ed | September 16, 2006 12:10 PM | Report abuse

Ed...type "about:config" in the URL bar (without the quotes). You'll be able to set various options from there.

Posted by: Slap_Maxwell | September 16, 2006 1:41 PM | Report abuse

Got the update of Firefox; lost all my bookmarks. When I tried Firefox's fix, it imported all my old [mostly disused] bookmarks from IE. So I get to start over....

Posted by: thrh | September 19, 2006 12:41 AM | Report abuse

@THRH: alas, I've run into such a problem often enough that I now backup my profile periodically. Mozilla has directions. Although this update went without a hitch. (It is possible your profile is still on your PC and you could salvage it, see "Moving your profile" on Firefox.com.)

Posted by: DBH | September 19, 2006 4:50 PM | Report abuse

1.5.0.7 update glitch on one PC - lost bookmarks, homepage and ability to customize toolbars. The first two weren't a big problem because I had my profile backed up, but I still have a toolbar issue.
On the next two machines I unistalled Firefox before installing the new version - thankfully it's a small program. Installation of the new version was then clean and picked up the existing profiles.

Posted by: OhioMC | September 21, 2006 9:04 AM | Report abuse

I encourage people to update their Firefox the way I do it:

[1] I copy the plugins folder in \Program Files
some place. You may need some of the other folders depending on what you have added.

[2] I copy my bookmarks.html and hostperm.1 some place else. That is really the only portions that are hard to redo.

[3] I uninstall Firefox (or Netscape or Opera)

[4] I install the newer Firefox (or Netscape or Opera)

[5] I check that all the plugins are still there and that my bookmarks and popup sites are all there. If they aren't I close the broswer and then copy them back in. Then I start up the browser again.

Sorry. Can't help you with the toolbar problem. It is most likely that the toolbar is incompatible with the new version of Firefox. I think downloading the latest version of the toolbar and uninstalling the old version of the toolbar *before* you uninstall Firefox, and installing the newer version of the toolbar *after* you have installed the new version of Firefox may help. That is just a guess. I don't use toolbars.

For that matter, I am thinking of putting almost all of my bookmarks in a simple text file, and only having a dozen or so of the ones I use all the time in the browser bookmarks.

Posted by: hhhobbit | September 29, 2006 4:00 AM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company