Critical Security Flaws in Firefox Require Updates

December 3, 2014 | By Kevin Judge

firefox mac
Mozilla has released security updates to address critical security flaws in Firefox and Thunderbird. These vulnerabilities may allow an attacker to obtain sensitive information, cause a denial of service, run malicious code and take control of the user’s computer.

At the same time they released Firefox 34 which changes the default search engine from Google to Yahoo.Fixed in the updates address the following critical security flaws in Firefox:

A fix for an issue discovered by the Google Security Team that resolves that prevents an exploitable crash whiles parsing media content.

  • The problem normally occurs when running scripts in browsers.
  • A user-after free in HTML5 that can cause an exploitable crash. A user-after-free exploit allows a hacker to crash a system by referencing memory that has been freed after use.
  • The release also resolves a number of memory safety hazards uncovered by the Mozilla developers community to prevent memory corruption that may also allow hackers to run arbitrary code. Running arbitrary code may allow the hacker to take control of the users computer.

Updates available include:
Firefox 34
Firefox ESR 31.3
Thunderbird 31.3

Comodo iceDragon Browser

Comodo offers its own free to download Firefox based browser, the Comodo IceDragon. It includes unique security and privacy enhancements not found in any other browser.

Be Sociable, Share!

    Add new comment

    Your name
    Comment

    You may use these HTML tags and attributes: <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>