All the latest UK technology news, reviews and analysis

Mozilla posts new Firefox security updates

by Shaun Nichols

04 Aug 2009

Be the first to comment

  • Tweet this
Firefox
New Firefox flaws could allow attackers to steal personal data

Mozilla has released new Firefox security patches, and is advising users to update their browsers immediately.

The company issued updates for two vulnerabilities in versions of Firefox prior to 3.5 which could allow attackers to steal personal data and remotely execute code.

Further reading

The first lies in the handling of the Secure Socket Layer protocol and could allow an attacker to issue false security certificates and possibly steal user data. Discovery of the flaw was attributed to researchers Dan Kaminsky and Moxie Marlinspike.

The second of the two vulnerabilities, discovered by Marlinspike, could allow remote code execution. An attacker could use a specially crafted certificate to cause an application crash and leave users vulnerable to further attacks.

Mozilla said that Firefox 3.5 is not believed to be vulnerable to either of the issues. Firefox 3.0 users are being advised to update to version 3.5.

The company issued an update for Firefox 3.5 in mid-July to fix an unrelated flaw in the browser's JavaScript component.

The new releases come just days after the company marked the one billionth download for the popular open source web browser.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Open Source

Android and Java logos

Oracle dealt critical blow in Android case as judge dismisses Java copyright claim

Related white papers

Related articles

Related jobs

Today's top stories

Olympics

Top 10 steps businesses can take to prepare for the Olympics

amazon-kindle-touch-e-book-reader

Amazon Kindle Touch review

London Underground train going into tunnel

Virgin reveals 82 London Underground stations to receive Wi-Fi

Poll

Flame virus poll

Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?

29%

1%

12%

58%

Features

The V3 hotseat

The V3 Hot Seat: Imperva CTO and co-founder Amichai Shulman

Flame in monitor screen

Quick guide to Flame malware attack

cookies

Quick guide to cookie law compliance

cookie

ICO sends out mixed messages on cookie law

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Riso

Colour printing: why the bill keeps outstripping the budget

The wrong printers, for the wrong tasks on the wrong contracts

Qlikview

Magic quadrant for business intelligence platforms

Who leads the BI pack and who should we be watching out for?

Technology jobs

PHP Software Developers/Programmers- Automated Trading - London

PHP Software Developers/Programmers- Automated Trading...

1st Level Application Support - Southampton, Hampshire - £20K

1st Level Application Support required to join a leading...

Helpdesk Adviser; Service desk Analyst; Northeast’s; £Neg on Experienc

Helpdesk adviser required for a major organisation in...

.NET Developer

.NET Developer is needed for a financial services...

To send to more than one email address, simply separate each address with a comma.