Version 220.127.116.11 includes a memory error patch, better handling of digitally signed pages and a workaround to thwart hackers attempting to fake HTTP Referer headers.
"[Security researcher] Gregory Fleischer demonstrated that it was possible to generate a fake HTTP Referer header by exploiting a timing condition when setting the 'window.location' property," said Mozilla in a security advisory.
"This could be used to conduct a Cross-Site Request Forgery attack against websites that rely only on the Referer header as protection against such attacks."
Customers still using Firefox 1.5 are strongly advised to upgrade immediately, while those using version two should get updated automatically.
"If you already have Firefox 2.x, you will receive an automated update notification within 24 to 48 hours. This update can also be applied manually by selecting 'Check for Updates' from the Help menu," said Mozilla.
Mozilla released a beta of Firefox 3.0 on 20 November offering improved phishing protection, new antivirus software and parental control settings.
Don't require the rare material being mined from the mountains of South America
IBM hopes that its new tool will avoid bias in artificial intelligence
Found by calculating the strength of the material deep inside the crust of neutron stars
Can highlight in real-time the relevant regions of an image being described