Mozilla Corp., the open source developers of Firefox 1.5 and Thunderbird email client, released patches for a dozen security issues in the software. Some of the patches should also help to stabilize the browser software itself.
The update which is being called 1.5.0.4 is now the fourth security update released since 1.5 was introduced. There are five potentially serious problems in 1.5 that could enable hackers to run software on the systems where the security holes haven't been patched.
Philip Green from earthtimes.com reports:
"Any 1.5 user would easily become a target of such attacks during normal browsing, which made these five flaws critical ones. Attackers could exploit these vulnerabilities to generate buffer overflows after which they could plant and run malicious JavaScript on the system unknown to the user. Of course, the attack can only occur after the user is tricked into clicking on links to a malicious website."
Other problems involve possible memory corruption, privilege escalation and browser crashes are fixed through the updated patches.
Those who use the Firefox 1.5 edition should have updates automatically delivered to them.
Comment Preview