With Firefox 3.6.2, Mozilla has targeted a critical security threat that could enable an attacker to run arbitrary code on a victim’s computer after crashing the Web browser. The threat stems from a weakness in the way Firefox failed to allocate enough memory to store downloadable WOFF fonts after decompressing them. The update also addresses additional crashing bugs that could lead to memory corruption, a weakness that could give maliciously crafted pages access to private system data, and a few other smaller security threats. Also several unspecified stability issues have been resolved. (Free, 19 MB)
Subscribe today so you don’t miss any TidBITS articles!
Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 29 years, we’ve published professional, member-supported tech journalism that makes you smarter.
Registration confirmation will be emailed to you.