Mozilla has released an update for its Firefox 3.0 browser which patches eight security flaws.
Among the flaws fixed by Firefox 3.0.7 is a bug that Mozilla said "showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code".
In an advisory, Mozilla added that it was concerned that JavScript flaws could also be exploited.
"We strongly discourage users from running JavaScript in mail. Without further investigation we cannot rule out the possibility that for some of these an attacker might be able to prepare memory for exploitation through some means other than JavaScript such as large images," Mozilla added.
This is Mozilla's second security release for the Firefox browser this year. The update can be downloaded direct from Mozilla's website. Alternatively, Firefox 3.0 users will be prompted to download the release with an automatic notification.
0 comments:
Post a Comment