Mozilla Firefox browser upgrade taken offline due to vulnerability - GoFuckYourself.com

wehateporn · 10-11-2012, 04:07 AM

As the saying goes..."The Early Worms get Eaten by the Birds"

http://www.bbc.co.uk/news/technology-19909106

The latest version of Mozilla's Firefox browser has been taken offline after a security vulnerability was discovered.

Users who had upgraded to version 16 were advised to downgrade to the previous safe release until Firefox developers released a fix.

The vulnerability allowed "a malicious site to potentially determine which websites users have visited", Mozilla said.

The non-profit company said that only a "limited number of users are affected".

The download had been taken offline within a day of its initial release, the organisation's UK spokesman said.

Some users were upgraded automatically to the new version, but are now being advised to uninstall the updates.
Automatically upgraded

In a blog post, Mozilla's director of security assurance Michael Coates said a fix was being worked on and should be expected on Thursday.

"At this time we have no indication that this vulnerability is currently being exploited in the wild," he added.

"Firefox 16 has been temporarily removed from the current installer page and users will automatically be upgraded to the new version as soon as it becomes available.

"As a precaution, users can downgrade to version 15.0.1 by following these instructions. Alternatively, users can wait until our patches are issued and automatically applied to address the vulnerability."

Firefox was one of the three leading web browsers, with more than 450 million users worldwide, Mozilla said.

Microsoft's Internet Explorer and relative newcomer Google Chrome are its key competitors.

In recent months, various figures suggested Chrome had overtaken Firefox's market share, pushing the Mozilla Foundation's flagship product into third place in the browser race.

Ethereal · 10-11-2012, 04:10 AM

I never understood why they jump from version 15.0.1 to 16 while the only thing done was to change color of a button and break something? Why not just 15.0.2?

wehateporn · 10-11-2012, 04:21 AM

@Ethereal

Firefox 16 arrives with a raft of critical fixes
"Holes associated with a full 14 security advisories were closed in the new Firefox 16, in fact, 11 of them rated ?critical.?

Also notable about Firefox 16 are features including a new developer toolbar, early Web app support, preliminary VoiceOver support in the Mac OS X version, and a new Reader Mode in the Android version.

'A growing set of novel features'

Among the vulnerabilities fixed by Firefox 16 are memory corruption and memory safety hazards, a buffer overflow bug, and a spoofing and script-injection flaw."

http://www.pcworld.com/article/20114...cal-fixes.html

woj · 10-11-2012, 06:08 AM

Quote:

Originally Posted by Ethereal

I never understood why they jump from version 15.0.1 to 16 while the only thing done was to change color of a button and break something? Why not just 15.0.2?

yea, no kidding, I don't recall any major features added in recently, and yet we jumped from 8.0 to 16.0...

10-11-2012, 04:07 AM	#1
wehateporn Promoting Debate on GFY Industry Role: Join Date: Apr 2007 Posts: 27,173	Mozilla Firefox browser upgrade taken offline due to vulnerability As the saying goes..."The Early Worms get Eaten by the Birds" http://www.bbc.co.uk/news/technology-19909106 The latest version of Mozilla's Firefox browser has been taken offline after a security vulnerability was discovered. Users who had upgraded to version 16 were advised to downgrade to the previous safe release until Firefox developers released a fix. The vulnerability allowed "a malicious site to potentially determine which websites users have visited", Mozilla said. The non-profit company said that only a "limited number of users are affected". The download had been taken offline within a day of its initial release, the organisation's UK spokesman said. Some users were upgraded automatically to the new version, but are now being advised to uninstall the updates. Automatically upgraded In a blog post, Mozilla's director of security assurance Michael Coates said a fix was being worked on and should be expected on Thursday. "At this time we have no indication that this vulnerability is currently being exploited in the wild," he added. "Firefox 16 has been temporarily removed from the current installer page and users will automatically be upgraded to the new version as soon as it becomes available. "As a precaution, users can downgrade to version 15.0.1 by following these instructions. Alternatively, users can wait until our patches are issued and automatically applied to address the vulnerability." Firefox was one of the three leading web browsers, with more than 450 million users worldwide, Mozilla said. Microsoft's Internet Explorer and relative newcomer Google Chrome are its key competitors. In recent months, various figures suggested Chrome had overtaken Firefox's market share, pushing the Mozilla Foundation's flagship product into third place in the browser race. __________________ Sexy Girls Teasing Last edited by wehateporn; 10-11-2012 at 04:09 AM..

10-11-2012, 04:10 AM	#2
Ethereal Registered User Industry Role: Join Date: Sep 2012 Location: TH Posts: 78	I never understood why they jump from version 15.0.1 to 16 while the only thing done was to change color of a button and break something? Why not just 15.0.2? __________________ ICQ: 608610901

10-11-2012, 04:21 AM	#3
wehateporn Promoting Debate on GFY Industry Role: Join Date: Apr 2007 Posts: 27,173	@Ethereal Firefox 16 arrives with a raft of critical fixes "Holes associated with a full 14 security advisories were closed in the new Firefox 16, in fact, 11 of them rated ?critical.? Also notable about Firefox 16 are features including a new developer toolbar, early Web app support, preliminary VoiceOver support in the Mac OS X version, and a new Reader Mode in the Android version. 'A growing set of novel features' Among the vulnerabilities fixed by Firefox 16 are memory corruption and memory safety hazards, a buffer overflow bug, and a spoofing and script-injection flaw." http://www.pcworld.com/article/20114...cal-fixes.html __________________ Sexy Girls Teasing