Corporate Firefox Deployment This site outlines steps for corporate deployment of the Mozilla Firefox browser and autoconfig.


Friday, May 13, 2005

Firefox version 1.0.4 release 12 May 2005

Firefox version 1.0.4 has 3 critical patches.

Mozilla lists them here: http://www.mozilla.org/projects/security/known-vulnerabilities.html
Fixed in Firefox 1.0.4
* MFSA 2005-44 Privilege escalation via non-DOM property overrides
* MFSA 2005-43 "Wrapped" javascript: urls bypass security checks
* MFSA 2005-42 Code execution via javascript: IconURL
http://www.mozilla.org/projects/security/known-vulnerabilities.html
There has been some gleeful and hysterical publicity about them,
even before an exploit.

1.0.4. should be deployed rather than 1.0.3.

The changes in 1.0.4 are only
* Several security fixes.
* Fix to DHTML errors encountered at some web sites.
(the DHTML error was introduced in 1.0.3..)

Release Notes: http://www.mozilla.org/products/firefox/releases/1.0.4.html

Get Firefox version 1.0.4 here.

Functionally it's the same as 1.0.3. and the configuration files will
work for both.

posted by rayandruth at 11:26 AM

0 Comments:

Post a Comment

<< Home