Mozilla has released Firefox 3.6.2 about a week ahead of the original schedule. The update addresses some stability issues and a number of security vulnerabilities, most notably the critical security flaw described in Bug 552216, which could allow an attacker to execute malicious code on the target system.
Firefox is the number two Web browser behind Microsoft Internet Explorer, and is widely used as the de facto replacement for Internet Explorer in businesses around the world. Internet Explorer and Firefox combined have over 85 percent market share--leaving less than 15 percent to be divided among the remaining players.
Impact key:
- Critical: Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
- High: Vulnerability can be used to gather sensitive data from sites in other windows or inject data or code into those sites, requiring no more than normal browsing actions.
- Moderate: Vulnerabilities that would otherwise be High or Critical except they only work in uncommon non-default configurations or require the user to perform complicated and/or unlikely steps.
- Low: Minor security vulnerabilities such as Denial of Service attacks, minor data leaks, or spoofs. (Undetectable spoofs of SSL indicia would have "High" impact because those are generally used to steal sensitive data intended for other sites.)
Posts
No comments:
Post a Comment