One comment -- Mozilla is shooting itself in the foot as far as corporate deployment by not providing us with MSI installers that we can script. Upgrading computers one at a time is very expensive.
ISC Diary | Firefox 3.6.20 Corrects Several Critical Vulnerabilities
Earlier this afternoon, the Mozilla Foundation released an update for their Firefox web browser to correct a number of security issues. Most of the issues corrected in this release are listed at a critical severity. As such, organizations should consider pushing the updated web browser in the near future.ISC Diary | Firefox version 6 is out
More information concerning the issues is available at www.mozilla.org/security/announce/2011/mfsa2011-30.html
Firefox 6 patches 10 dangerous security holes | ZDNetFor those of you just getting used to Firefox 5, version 6 is out. A few changes including security ones. the release notes are here: http://www.mozilla.com/en-US/firefox/6.0/releasenotes/
By Ryan Naraine | August 16, 2011, 4:00pm PDTISC Diary | Thunderbird 6 is out, Stability and security fixes. http://www.mozilla.org/en-US/thunderbird/6.0/releasenotes/
Summary: The vulnerabilities are serious enough to allow an attacker to launch harmful code and install software, requiring no user interaction beyond normal browsing.
Mozilla has shipped a critical Firefox update to fix at least 10 security vulnerabilities, some serious enough to expose web surfers to drive-by download attacks.
According to an advisory from the open-source group, 8 of the 10 vulnerabilities are rated “critical,” meaning that they can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
Thunderbird 6 is also out, Stability and security fixes. http://www.mozilla.org/en-US/thunderbird/6.0/releasenotes/