Mozilla Releases Firefox Browser 2.0.0.13 Security Update

March 25, 2008

Tonight, while I was browsing with Firefox, it was suddenly upgraded from version 2.0.0.12 to 2.0.0.13. This is because I set the option for Firefox to automatically check for and apply updates. Being the curious type I looked up the release notes, to find out why this new sub-version was pushed out, so quietly tonight. Here is the skinny.

What's New in Firefox 2.0.0.13

Release Date: March 25, 2008
Security Update: The following security issues were fixed.

MFSA 2008-19: XUL popup spoofing variant (cross-tab popups) - High
MFSA 2008-18: Java socket connection to any local port via LiveConnect - High
MFSA 2008-17: Privacy issue with SSL Client Authentication - Low
MFSA 2008-16: HTTP Referrer spoofing with malformed URLs - Moderate
MFSA 2008-15: Crashes with evidence of memory corruption (rv:1.8.1.13) - Critical
MFSA 2008-14: JavaScript privilege escalation and arbitrary code execution - Critical

This is half the vulnerabilities that were patched in the previous upgrade, from 2.0.0.11 to 2.0.0.12, which was released on February 7, 2008. If you use Firefox Browsers you should check for updates as soon as you go online with a computer it is installed on. It may beat you to the draw though! Otherwise, open Firefox and click on the Menu Item: "Help" > "Check for Updates." If you need the update it will be displayed prominently, with a button to Download and Install now. It'll only take a minute or so, on Broadband, after which a box will pop-up telling you that Firefox was upgraded and must be restarted. Click Ok to restart, even if you have multiple tabs open. They will reopen when Firefox restarts. You may have to login to password protected sites. After the update and restart, if you use and Add-Ons, or Extensions, run a check for updates to those items. It may take a few days for the authors to catch up and issue new releases to remain compatible with the latest updates. Most of the time everything I have added on still works after numerous upgrades.

If this is all news to you and you have not tried the FIrefox browser, here is a link to the official Firefox download page, for all languages. If you, like me, are in the US (or Canada), and use the US English version, on a Windows based computer, here is your Firefox download link, for the 5.7 Mb file. Save it to your hard drive and run setup. During the setup process Firefox will offer to import your Internet Explorer Favorites and Cookies. Allow it to import these items and finish the installation. Once Firefox opens you will have Bookmarks instead of Favorites, but, all of your previously saved Favorites will be available by clicking on Bookmarks > "From Internet Explorer." Mouse over this folder and all your Favorites will flyout in a list. Clicking on any bookmark will open it in the browser. Since you told it to import your cookies your preferences will carry over as well, although you may have to re-type your logins to some websites, manually. If this is necessary, tell Firefox to remember your login for that website and it will be safely stored for you.

Firefox is a tabbed browser and can open links you click on in a new tab, instead of a new Window. You have the option of giving the new tab focus, or staying put where you were when you clicked on the link. Furthermore, Firefox does not run any ActiveX controls, thus making it infinitely more safe to browse with then Internet "Exploder." Give Firefox a try today.

Trend Micro Internet Security products,

for home and office users, use in-the-cloud malware definitions that are updated every day, all day, as soon as new or altered strains of viruses and other malware are detected in the wild and analyzed. By offloading the bulk of these ever changing virus definitions to cloud servers, the load on your computers is greatly reduced. All users of Trend security programs are instantly protected from hostile web pages laden with malware exploits and hostile email, by the Trend Micro Smart Protection Network.