DarkFiber Consulting – IT Managed Services

Mozilla Releases Firefox 3.6.11

October 23rd, 2010 . by DarkFiber Consulting

The Mozilla Foundation has released Firefox 3.6.11 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, or cause a denial-of-service condition. The Mozilla Foundation has also released Firefox 3.5.14 to address these same vulnerabilities. Some of these vulnerabilities also affect Thunderbird and SeaMonkey and are addressed in Thunderbird 3.1.5 and 3.0.9 and SeaMonkey 2.0.9.

DarkFiber Consulting encourages users and administrators to review the Mozilla Foundation Security Advisories released on October 19, 2010 and apply any necessary updates to help mitigate the risks.

Mozilla Releases Firefox 3.6.7

August 6th, 2010 . by DarkFiber Consulting

The Mozilla Foundation has released Firefox 3.6.7 and Firefox 3.5.11 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, bypass security restrictions, or conduct cross-site scripting attacks. Some of these vulnerabilities also affect Thunderbird and SeaMonkey.

DarkFiber Consulting encourages users and administrators to review the Mozilla Foundation security advisories released on July 20, 2010, and apply any necessary updates to help mitigate the risks.

Mozilla Releases Firefox 3.6.4

June 23rd, 2010 . by DarkFiber Consulting

The Mozilla Foundation has released Firefox 3.6.4 and Firefox 3.5.10 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or conduct cross-site scripting attacks. Some of these vulnerabilities also affect Thunderbird and SeaMonkey.

DarkFiber Consulting encourages users and administrators to review the security advisories for Firefox 3.6 and Firefox 3.5 and apply any necessary updates to help mitigate the risks.

Mozilla Releases Security Advisories

March 1st, 2010 . by DarkFiber Consulting

The Mozilla Foundation has released multiple security advisories to address vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey. Exploitation of these vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code or bypass security restrictions.

DarkFiber Consulting encourages users and administrators to review the Mozilla Foundation security advisories. Firefox users may upgrade to version 3.0.18, 3.5.8, or 3.6 to help mitigate the risks. Thunderbird users should upgrade to version 3.0.2, and SeaMonkey users should upgrade to version 2.0.3 once those updates are released by the vendor.

Mozilla Foundation Releases Firefox 3.0.9

May 9th, 2009 . by DarkFiber Consulting

Mozilla Foundation has released Firefox 3.0.9 to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, leverage additional attacks, or obtain sensitive information. The Mozilla Foundation security advisories indicate that many of these vulnerabilities also affect SeaMonkey and Thunderbird.

DarkFiber Consulting encourages users and administrators to review the Mozilla Foundation Security Advisories website for more information about the vulnerabilities and upgrade to Firefox 3.0.9 to help mitigate the risks.

Mozilla Releases Updates to Address Vulnerabilities in Multiple Products

November 13th, 2008 . by DarkFiber Consulting

Mozilla has released Firefox 2.0.0.18, Firefox 3.0.4, and SeaMonkey 1.1.13 to address multiple vulnerabilities. The impacts of these vulnerabilities include arbitrary code execution, privilege escalation, security bypass, cross-site scripting, denial of service, and information disclosure. As described in the Mozilla Foundation security advisories, some of these vulnerabilities may also affect Thunderbird.

DarkFiber Consulting encourages users to review the Mozilla Foundation security advisories and apply any necessary updates to help mitigate the risks.

Mozilla Releases Firefox 3.0.2

September 24th, 2008 . by DarkFiber Consulting

Mozilla has released Firefox 3.0.2 to address multiple vulnerabilities. The impacts of these vulnerabilities include arbitrary code execution, enabling cross-site scripting, privilege escalation, information disclosure, and denial of service. As described in the Mozilla Foundation Security Advisories, some of these vulnerabilities may also affect Thunderbird and SeaMonkey.

DarkFiber Consulting encourages users to do the following to help mitigate the risks:

Mozilla Releases Firefox 3.0.1

July 18th, 2008 . by DarkFiber Consulting

Mozilla has released Firefox 3.0.1 to address three vulnerabilities. Exploitation of these vulnerabilities may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. One of these vulnerabilities may also affect Thunderbird and SeaMonkey. Two of these vulnerabilities were previously fixed in Firefox 2.0.0.16 as well; please see the DarkFiber Consulting Current Activity entry Mozilla Releases Firefox 2.0.0.16 for additional information.

DarkFiber Consulting encourages users to review the following Mozilla Foundation Security Advisories and upgrade to Firefox 3.0.1 or implement the workarounds provided in the documents to help mitigate the risks:

  • MFSA 2008-34 : Remote code execution by overflowing CSS reference counter
  • MFSA 2008-35 : Command-line URLs launch multiple tabs when Firefox not running
  • MFSA 2008-36 : Crash with malformed GIF file on Mac OS X

Mozilla Releases Firefox 2.0.0.16

July 18th, 2008 . by DarkFiber Consulting

Mozilla has released Firefox 2.0.0.16 to address two vulnerabilities. Exploitation of these vulnerabilities may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. One of these vulnerabilities may also affect Thunderbird and SeaMonkey.

DarkFiber Consulting encourages users to review the following Mozilla Foundation Security Advisories and upgrade to a fixed version or implement the workarounds listed in the documents to help mitigate the risks.

MFSA 2008-34 : Remote code execution by overflowing CSS reference counter
MFSA 2008-35 : Command-line URLs launch multiple tabs when Firefox not running