Mozilla Firefox 2.0.0.4 Upgrade
Papaadmin June 1st, 2007 | Viewed 282 views
I started my June posting with an upgrade of the Mozilla Firefox from 2.0.0.3 to Firefox 2.0.0.4.
Actually, I have no choice. It just popup before displaying the Firefox Browser. So I just clicked “Yes”, Upgrade Please. 
Nevertheless, I did not regret doing it because of the security problems. Now, as you know, I’m a Little Knowledge guy but when seeing my most often laptop memory problem solved, I know I just did the right thing by upgrading my favourite browser.
Here the Fixed in Firefox 2.0.0.4:
- MFSA 2007-17 XUL Popup Spoofing
- MFSA 2007-16 XSS using addEventListener
- MFSA 2007-14 Path Abuse in Cookies
- MFSA 2007-13 Persistent Autocomplete Denial of Service
- MFSA 2007-12 Crashes with evidence of memory corruption (rv:1.8.0.12/1.8.1.4)
It is that last Fix that really caught my attention. “Crashes with evidence of memory corruption … “. I have this memory crashes so many times that I really think it is my laptop problem and not something else! For info, I have 1G DDR2 RAM and I already run the memory read/write check. They all reported “no problem” to my 1Gig RAM. I definitely never thought of the problem caused by my favourite browser, Firefox. Is it? Well, who cares, as long as it fixed it, I am happy. 
Here, I qoute from the site MFSA 2007-12:
As part of the Firefox 2.0.0.4 and 1.5.0.12 update releases Mozilla developers fixed many bugs to improve the stability of the product. Some of these crashes that showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
Note: Thunderbird shares the browser engine with Firefox and could be vulnerable if JavaScript were to be enabled in mail. This is not the default setting and we strongly discourage users from running JavaScript in mail. Without further investigation we cannot rule out the possibility that for some of these an attacker might be able to prepare memory for exploitation through some means other than JavaScript, such as large images.
What? Such as large images???? Wow… 
Well, I have upgraded, what about you?
Technorati Tags: Mozilla Firefox, Firefox 2.0.0.4, XUL Popup Spoofing, XSS using addEventListener, Path Abuse in Cookies, Persistent Autocomplete Denial of Service, Crashes with evidence of memory corruption
June 1st, 2007 at 12:38 pm
Same here..no choice, they upgrade for you, unless if we turn off the auto update function I think. But Fire Fox rocks man! Me love it long time yah..
June 1st, 2007 at 2:56 pm
Yeah, it was an upgrade not by choice…
June 2nd, 2007 at 5:10 pm
Mine was also auto updated
I was an IE user before Cedric intro me to this FF. Well so far so good 
June 3rd, 2007 at 3:08 pm
Wat’s the difference actually?
Ever since I started using Firefox I don;t use IE anymore
June 3rd, 2007 at 4:55 pm
Kay: Yea, firefox rocks man! cool.
Gall: actually there’s a choice, like i can say, Nope… skip.
Criz: It is the best browser Criz. If you into editing your blog coding,like the PHP & CSS, u definitely need firefox. It is the standard for web developer. come close is the Mac safari.
hcfoo: whats the difference of the upgrade or between IE? As the above, there are major critical updates. you can check the link. OTH, i still use IE. only IE6 for some display problem decoding. Some web still prefers IE, if not will not run. That’s really stupe of the webmaster. but thats their problem.
Thanks all, for commenting.