Sign in / up

back to article Mozilla ships first security update for Firefox 4

Mozilla has issued the first ever security update for Firefox 4.0, including a fix for two chunks of code that allowed attackers to override a key security protection baked in to recent versions of the Windows operating system. The slip up in the two WebGLES graphics libraries, which Mozilla added to the latest version of the …

COMMENTS

House rules Send corrections
This topic is closed for new posts.
  1. Anonymous Coward
    WTF?

    "The First Ever"

    So? Are we supposed to break a bottle of champagne over it?

    There are going to be many such updates: just, this is number one. No big deal.

    0 1
  2. Richard Tobin

    Garbled

    "including one in the XSLT generate-id() function heap"

    There's no such thing as a function heap. The actual description is "XSLT generate-id() function heap address leak" which means revealing a heap address in the generate-id() function.

    1 0
  3. Anonymous Coward
    Anonymous Coward

    Q/A what the hell is that!

    With an application that's deployed as widely as Firefox, surely their code goes through some kind of Q/A process? I would have hoped that the process checks for more than simply a successful compilation.

    2 2
  4. Richard 33

    ASLR

    It's not clear from your article, but ASLR has been available on "other platforms" (specifically Linux and OpenBSD) since 2005, and is routinely used when compiling all programs including Firefox. Microsoft were late to the game.

    0 0
  5. M.A
    Unhappy

    firefox losing it?

    Firefox was renound for being the most secure browser i hope this not going to tarnish that too much.

    0 1
  6. william_7

    release notes

    url for release notes:

    http://www.mozilla.com/en-US/firefox/4.0.1/releasenotes/

    https://bugzilla.mozilla.org/buglist.cgi?quicksearch=ALL%20status2.0%3A.1-fixed

    fairly sure in my guessing that their 'update' built in feature of firefox is a fairly robust download manager - yet still there is no effective download manger in ff4.

    I am glad to see the bug whereby 'pdfs larger than 5mb not being viewable' is marked as being fixed.

    0 0
  7. The BigYin

    And...

    ..."World Biggest Pac Man" still doesn't work. Who's to blame? MS for not sticking to the proposed-Standards, or Mozilla for not correctly implementing same?

    0 0
This topic is closed for new posts.

Other stories you might like