Mozilla has released security updates to address critical security flaws in Firefox and Thunderbird. These vulnerabilities may allow an attacker to obtain sensitive information, cause a denial of service, run malicious code and take control of the user’s computer.
At the same time they released Firefox 34 which changes the default search engine from Google to Yahoo.Fixed in the updates address the following critical security flaws in Firefox:
A fix for an issue discovered by the Google Security Team that resolves that prevents an exploitable crash whiles parsing media content.
- The problem normally occurs when running scripts in browsers.
- A user-after free in HTML5 that can cause an exploitable crash. A user-after-free exploit allows a hacker to crash a system by referencing memory that has been freed after use.
- The release also resolves a number of memory safety hazards uncovered by the Mozilla developers community to prevent memory corruption that may also allow hackers to run arbitrary code. Running arbitrary code may allow the hacker to take control of the users computer.
Updates available include:
Firefox ESR 31.3
Comodo iceDragon Browser
Comodo offers its own free to download Firefox based browser, the Comodo IceDragon. It includes unique security and privacy enhancements not found in any other browser.