Firefox version 1.0.4 has 3 critical patches.
Mozilla lists them here: http://www.mozilla.org/projects/security/known-vulnerabilities.html
Fixed in Firefox 1.0.4
* MFSA 2005-44 Privilege escalation via non-DOM property overrides
There has been some gleeful and hysterical publicity about them,
even before an exploit.
1.0.4. should be deployed rather than 1.0.3.
The changes in 1.0.4 are only
* Several security fixes.
* Fix to DHTML errors encountered at some web sites.
(the DHTML error was introduced in 1.0.3..)
Release Notes: http://www.mozilla.org/products/firefox/releases/1.0.4.html
Functionally it's the same as 1.0.3. and the configuration files will
work for both.