Mozilla Releases Firefox 3.6.4
The Mozilla Foundation has released Firefox 3.6.4 and Firefox 3.5.10 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or conduct cross-site scripting attacks. Some of these vulnerabilities also affect Thunderbird and SeaMonkey.Update Thu 24 Jun 2010 09:46: Mozilla patches 9 Firefox bugs, adds plug-in crash protection | Security Central - InfoWorld
US-CERT encourages users and administrators to review the Security Advisories for Firefox 3.6 and Firefox 3.5 and apply any necessary updates to help mitigate the risks.
Mozilla on Tuesday patched nine vulnerabilities, six of them critical, in Firefox 3.6 and Firefox 3.5.
But rather than highlighting the security fixes in Firefox 3.6.4, the company instead emphasized the addition of crash protection, a move meant to keep the browser alive when popular plug-ins drop dead.