Network News

X My Profile
View More Activity

Critical Security Updates for Firefox, Safari

Apple and Mozilla have each issued updates to fix a large number of critical security flaws in their respective Safari and Firefox Web browsers. The Apple update, which brings Safari to version 3.2, is reportedly causing many users to experience frequent browser crashes.

According to an article Friday at MacFixIt, some of the problems seem related to several Safari plug-ins, including "Concierge" bookmarks manager, "PithHelmet" ad-blocking software, and "AcidSearch" search enhancement software.

saf32.jpg

Other problems with this update may be related to a new anti-phishing feature built into Safari 3.2 (Firefox and Microsoft's Internet Explorer have had this feature for more than two years now). MacFixIt and other forums suggest those having trouble with the Safari update should disable the phishing filter and see if that helps. If not, check to see if removing any installed add-ons fixes the problem.

While the Safari update fixes more flaws in the version built for Windows (all 11 flaws fixed in this bundle affect Windows vs. just four on the Mac version), I haven't yet seen any reports of major problems with the Windows flavor.

fff.jpg

The Firefox patch is an overall "critical" update that corrects at least nine security holes in the browsers. The update brings Firefox 3 users to 3.0.4, and Firefox 2 users to 2.0.0.18. It looks like Mozilla somehow skipped 2.0.0.17, and Mozilla has said that its last update for the 2.0 version would be 2.0.0.19, which is probably due out before the end of the year.

By Brian Krebs  |  November 16, 2008; 10:33 PM ET
Categories:  Latest Warnings , New Patches , Safety Tips  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: A Closer Look at McColo
Next: 'Network Identity Theft' Politely Avenged

Comments

There was a 2.0.0.17. It updated to my system Sept. 27.

Posted by: robperez1 | November 17, 2008 6:53 AM | Report abuse

You said "It looks like Mozilla somehow skipped 2.0.0.17", which was released back in late September. The Mozilla folks move a lot faster in fixing and updating, so fast that you can miss a revision if you blink some days. *chuckle*

Posted by: TalGreywolf | November 17, 2008 7:00 AM | Report abuse

My XP detected and installed the 3.04 Firefox update. For my Linux running Ubuntu and no MS, Synaptic package manager still shows 3.03 as the last version officially made available by Ubuntu. This situation occurs now and again, not just with Ubuntu-Firefox. Are there situations wherein Ubuntu's time-delay increases risk?

Posted by: TeresaBinstock | November 17, 2008 9:01 AM | Report abuse

Now if only Firefox 3.x would post over -- say 1,000 words to the WaPo without locking up and not transferring the data, then I wouldn't have to copy and paste it into another browser. And none of the other browsers seem to present this issue but Firefox -- ugg.

Posted by: brucerealtor@gmail.com | November 17, 2008 11:25 AM | Report abuse

Brucerealtor, a useful but little known feature of Firefox 3.x is the so-called «prolixity filter», which filters out postings considered too long. Try cutting yours down to, say, no more than 500 words and I'm sure you will be as successful in posting to Brian's column directly from FF3 builds as I was on my 64 bit Ubuntu Intrepid machine....

Henri

Posted by: mhenriday | November 17, 2008 1:38 PM | Report abuse

Mozilla's version of Eudora was also recently updated to 8.0.0b4.

Posted by: pj48 | November 17, 2008 6:43 PM | Report abuse

brucerealtor prolix? Naaaa!

Posted by: peterpallesen | November 18, 2008 8:40 AM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company