DarkFiber Consulting – IT Managed Services

Mozilla Releases Firefox 3.6.11

October 23rd, 2010 . by DarkFiber Consulting

The Mozilla Foundation has released Firefox 3.6.11 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, or cause a denial-of-service condition. The Mozilla Foundation has also released Firefox 3.5.14 to address these same vulnerabilities. Some of these vulnerabilities also affect Thunderbird and SeaMonkey and are addressed in Thunderbird 3.1.5 and 3.0.9 and SeaMonkey 2.0.9.

DarkFiber Consulting encourages users and administrators to review the Mozilla Foundation Security Advisories released on October 19, 2010 and apply any necessary updates to help mitigate the risks.

Mozilla Releases Firefox 3.6.7

August 6th, 2010 . by DarkFiber Consulting

The Mozilla Foundation has released Firefox 3.6.7 and Firefox 3.5.11 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, bypass security restrictions, or conduct cross-site scripting attacks. Some of these vulnerabilities also affect Thunderbird and SeaMonkey.

DarkFiber Consulting encourages users and administrators to review the Mozilla Foundation security advisories released on July 20, 2010, and apply any necessary updates to help mitigate the risks.

Mozilla Releases Firefox 3.6.4

June 23rd, 2010 . by DarkFiber Consulting

The Mozilla Foundation has released Firefox 3.6.4 and Firefox 3.5.10 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or conduct cross-site scripting attacks. Some of these vulnerabilities also affect Thunderbird and SeaMonkey.

DarkFiber Consulting encourages users and administrators to review the security advisories for Firefox 3.6 and Firefox 3.5 and apply any necessary updates to help mitigate the risks.

Mozilla Releases Firefox 3.0.12

July 30th, 2009 . by DarkFiber Consulting

The Mozilla Foundation has released Firefox 3.0.12 to address multiple vulnerabilities in Firefox 3.0.x. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or launch cross-site-scripting attacks.

DarkFiber Consulting encourages users and administrators to review Mozilla Foundation Security Advisories released on July 21, 2009 and upgrade to Firefox 3.0.12 to help mitigate the risks.

Mozilla Releases Firefox and Thunderbird Updates

September 29th, 2008 . by DarkFiber Consulting

Mozilla has released Firefox and Thunderbird v2.0.0.17 and Firefox v3.0.3 to address multiple vulnerabilities. These may allow an attacker to execute arbitrary code, obtain sensitive information, conduct cross-site scripting attacks, cause a denial-of-service condition, operate with escalated privileges, or conduct Clickjacking attacks. Note that Firefox v3.0.2 was initially released to address these vulnerabilities. Version 3.0.3 was released to correct a flaw that was unrelated to the vulnerabilities.

DarkFiber Consulting encourages users and administrators to do the following to help mitigate the risks:

Mozilla Releases Firefox 3.0.2

September 24th, 2008 . by DarkFiber Consulting

Mozilla has released Firefox 3.0.2 to address multiple vulnerabilities. The impacts of these vulnerabilities include arbitrary code execution, enabling cross-site scripting, privilege escalation, information disclosure, and denial of service. As described in the Mozilla Foundation Security Advisories, some of these vulnerabilities may also affect Thunderbird and SeaMonkey.

DarkFiber Consulting encourages users to do the following to help mitigate the risks:

Mozilla Releases Firefox 3.0.1

July 18th, 2008 . by DarkFiber Consulting

Mozilla has released Firefox 3.0.1 to address three vulnerabilities. Exploitation of these vulnerabilities may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. One of these vulnerabilities may also affect Thunderbird and SeaMonkey. Two of these vulnerabilities were previously fixed in Firefox 2.0.0.16 as well; please see the DarkFiber Consulting Current Activity entry Mozilla Releases Firefox 2.0.0.16 for additional information.

DarkFiber Consulting encourages users to review the following Mozilla Foundation Security Advisories and upgrade to Firefox 3.0.1 or implement the workarounds provided in the documents to help mitigate the risks:

  • MFSA 2008-34 : Remote code execution by overflowing CSS reference counter
  • MFSA 2008-35 : Command-line URLs launch multiple tabs when Firefox not running
  • MFSA 2008-36 : Crash with malformed GIF file on Mac OS X

Mozilla Releases Firefox 2.0.0.16

July 18th, 2008 . by DarkFiber Consulting

Mozilla has released Firefox 2.0.0.16 to address two vulnerabilities. Exploitation of these vulnerabilities may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. One of these vulnerabilities may also affect Thunderbird and SeaMonkey.

DarkFiber Consulting encourages users to review the following Mozilla Foundation Security Advisories and upgrade to a fixed version or implement the workarounds listed in the documents to help mitigate the risks.

MFSA 2008-34 : Remote code execution by overflowing CSS reference counter
MFSA 2008-35 : Command-line URLs launch multiple tabs when Firefox not running