The mozilla team has released a new version of Firefox which can already be downloaded from the Help > Check for Updates menu in Firefox or downloaded from the official download site. Three critical, two high, one moderate and two low security vulnerabilities have been fixed in this release making it a must have update for every Firefox user.
If you happen to download the new Firefox release from the official website you should be aware that you download the full version which overwrites the previous version of Firefox if installed in the same directory. All of my installed extensions are compatible with the new release and I suppose that only a few will not work initially with this release. Below is the list of fixes in this release.
MFSA 2007-25 XPCNativeWrapper pollution
MFSA 2007-24 Unauthorized access to wyciwyg:// documents
MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer
MFSA 2007-22 File type confusion due to %00 in name
MFSA 2007-21 Privilege escallation using an event handler attached to an element not in the document
MFSA 2007-20 Frame spoofing while window is loading
MFSA 2007-19 XSS using addEventListener and setTimeout
MFSA 2007-18 Crashes with evidence of memory corruption
If you happen to download the new Firefox release from the official website you should be aware that you download the full version which overwrites the previous version of Firefox if installed in the same directory. All of my installed extensions are compatible with the new release and I suppose that only a few will not work initially with this release. Below is the list of fixes in this release.
MFSA 2007-25 XPCNativeWrapper pollution
MFSA 2007-24 Unauthorized access to wyciwyg:// documents
MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer
MFSA 2007-22 File type confusion due to %00 in name
MFSA 2007-21 Privilege escallation using an event handler attached to an element not in the document
MFSA 2007-20 Frame spoofing while window is loading
MFSA 2007-19 XSS using addEventListener and setTimeout
MFSA 2007-18 Crashes with evidence of memory corruption