[b]Mozilla hastily shoves Firefox updates out door[/b]
Mozilla has rushed out updates to plug a few critical holes in versions 2 and 3 of its popular open source Firefox browser.
Firefox 3.0.5 fixes three critical security flaws in the browser, while 2.0.0.19 stitches four critical vulns.
Mozilla said that XSS vulnerabilities in SessionStore, XSS and so-called JavaScript “privilege escalation” and crashes that could cause memory corruption have been repaired in Firefox 3.0.5.
The bugs in the browser could have been “used to run attacker code and install software, requiring no user interaction beyond normal browsing,” said Mozilla.
Mozilla is joining Microsoft and Opera on the browser patching treadmill.
The open-source group has rolled out the final security fix for the Firefox 2 branch and a new version of Firefox 3 to plug about a dozen security holes that could lead to remote code execution attacks, browser crashes and information disclosure issues.
WOT (Way Off Topic) ;D
Well my arms are open waiting for the IE patch to get kicked out the door too ;D
As and when the windows updates get around to it (can’t be bothered to go looking for it).
BOT (Back On Topic)
That IE patch is now installed on XP SP3 and so we have that critical one behind us now here on this side of the phishing pond also known as the North Sea,
I normally get notified (I never auto update, being on dial-up) a day or two later and then it seems to take forever to eventually download and install the updates, the last Patch Tuesday took about three days before all were downloaded and installed.
David,
The delay is your choice. Mine was patched while I was out on business.
Unfortunately it required a restart which didn’t happen till I got back home.
The delay isn’t my choice, only the fact I don’t want it to download and install automatically, don’t forget I’m on dial-up and it isn’t on 24/7 (as I have restrictions on monthly use) when I’m out.
The true delay is on MS and not my side as when notified I usually select those updates (excluding the malicious software one) for download and install:
a) I have only this morning been notified of the download.
b) despite selecting it for download and the WU icon remaining on the system tray for a while it is no longer there.
c) as I said already it can take days for MS to actually get round to downloading and installing the updates I have chosen.
Yes, I have now been notified and said to download as the post above yours states I’m still waiting for it to even download it and install. I have been on-line for a little over an hour more than enough time for it to download an 1.8MB update file, but the icon isn’t there any more.
This can go on for days waiting for it to actually be downloaded, when I first connect the WU icon will appear in the system tray and indicate downloading 0%, but it never seems to get started and just disappears for another indeterminate period of time before repeating the process all over again: icon appears, downloading 0%, doesn’t get started and just disappears; icon appears, downloading 0%, doesn’t get started and just disappears; icon appears, downloading 0%, doesn’t get started and just disappears.
Eventually it will get downloaded and installed, so I think you can see why this process gets right up my nose. If nothing else it teaches patience
I have the same problem on my relatively slow 256kbps DSL. I’ve read that the Automatic Update process can take days even for users who have it done completely automatically. They just don’t realize it takes so long because everything happens in the background. MS Automatic Updates doesn’t translate to timely ones, but it’s a lot better than it used to be, eh?
