Firefox 28 Provides Critical Security Patches

March 21, 2014 | By Kevin Judge

Firefox 28, released on Tuesday, provided numerous important security fixes including 5 for flaws identified in the recent Pwn2Own competition.

Pwn2Own is a hacking competition where each successful exploit earned the researcher(s) $50,000. FireFox was hacked successfully this year more than any other browser. This includes a zero-day execution bug that when combined with another bug allows an attacker to load a JavaScript URL that is executed with the full privileges of the browser.

According to Mozilla release notes, Firefox 28 also fixes a bug where their Content Security Policy (CSP) was not being enforced in sandboxed iframes. This leaves the user vulnerable to hacks such as cross site scripting.

Mozilla also announced that Firefox 29 was now in beta release. It introduces an improved sync feature powered by Firefox Accounts, a new customization mode, a new Firefox menu and streamlined user interface.

A week ago, Mozilla canceled the release of its touch-enabled Firefox browser for Windows 8 and 8.1, stating that there was simply not enough demand for the Windows 8 version to justify continued development. The news was particularly surprising because the company had previously announced plans for its release this week.

Be Sociable, Share!

    Comments

    Aggravatorx March 21, 2014 at 8:27 pm

    That why you should Comodos Ice Dragon

    Reply

    Add new comment

    Your name
    Comment

    You may use these HTML tags and attributes: <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>