Mozilla Security Updates

The Mozilla group has been busy, issuing updates with security fixes to Firefox 3.6, Thunderbird, and Firefox 5 (upgrading it to 6).  I foresee a busy couple of weeks ahead.

One comment -- Mozilla is shooting itself in the foot as far as corporate deployment by not providing us with MSI installers that we can script.  Upgrading computers one at a time is very expensive.

ISC Diary | Firefox 3.6.20 Corrects Several Critical Vulnerabilities

Earlier this afternoon, the Mozilla Foundation released an update for their Firefox web browser to correct a number of security issues. Most of the issues corrected in this release are listed at a critical severity. As such, organizations should consider pushing the updated web browser in the near future.

More information concerning the issues is available at www.mozilla.org/security/announce/2011/mfsa2011-30.html

ISC Diary | Firefox version 6 is out

For those of you just getting used to Firefox 5, version 6 is out. A few changes including security ones. the release notes are here: http://www.mozilla.com/en-US/firefox/6.0/releasenotes/

Firefox 6 patches 10 dangerous security holes | ZDNet

By Ryan Naraine | August 16, 2011, 4:00pm PDT

Summary: The vulnerabilities are serious enough to allow an attacker to launch harmful code and install software, requiring no user interaction beyond normal browsing.

Mozilla has shipped a critical Firefox update to fix at least 10 security vulnerabilities, some serious enough to expose web surfers to drive-by download attacks.

According to an advisory from the open-source group, 8 of the 10 vulnerabilities are rated “critical,” meaning that they can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.

ISC Diary | Thunderbird 6 is out, Stability and security fixes. http://www.mozilla.org/en-US/thunderbird/6.0/releasenotes/

Thunderbird 6 is also out, Stability and security fixes. http://www.mozilla.org/en-US/thunderbird/6.0/releasenotes/