Mozilla has released a quick update to its flagship Firefox Browser. This release 3.6.3 fixes the security flaws exploited at the Pwn2Own contest. The security flaw discovered at Pwn2Own affected only Firefox 3.6and later versions directly.
The Mozilla Security Advisor had added this flaw to their website writing,
A memory corruption flaw leading to code execution was reported by security researcher Nils of MWR InfoSecurity during the 2010 Pwn2Own contest sponsored by TippingPoint’s Zero Day Initiative. By moving DOM nodes between documents Nils found a case where the moved node incorrectly retained its old scope. If garbage collection could be triggered at the right time then Firefox would later use this freed object.
This flaw was address on April 1st, 2010 by Nils who also happens to be a security researcher. Mozilla has been quick in responding to this zero day exploit. The exploit of this flaw was a big challenge in itself, it being a zero day flaw.
To get the latest secure version of Firefox which has a fix for this flaw, go to Help -> Check for Updates and install the latest suggested release.
Comment on This Post |
Tweet This |
Share on Facebook |
Save to Delicious |
Stumble This |
Digg This |
Reddit This
Announcement: Missing Mobile News in the Main RSS Feed? We have decided to remove the mobile content from the main feed, please subscribe to our dedicated Mobile News RSS Feed at http://feeds.techie-buzz.com/techiemobile. Thank you for your understanding.
Don’t miss these Related Posts:
- Firefox 3.6.2 Released, Fixes Security Vulnerability
- Firefox 3.6.2 Candidate Fixes Critical Security Vulnerability
- Pwn2Own Hackfest: Day One Déjà vu
- Old Security Flaw, Still Found in Windows 7
- Browser Saturday: Browser Security Woes, Firefox Account Manager, Opera Mini for Android and More
Join Techie Buzz on Your Favorite Social Networking Sites