What Is It?
Mozilla Firefox and related products contain newly discovered security vulnerabilities, the most serious of which could allow a remote attacker to take over your machine. The Mozilla Foundation released updates to correct them yesterday.
The index of security advisories at http://www.mozilla.org/security/announce/ lists nine vulnerabilities that were addressed in the update of 19 December 2006. Of those nine, six are classified as critical, two as major, and one as minor.
- One of the critical vulnerabilities affects Firefox 2.
- Five of the six critical items affects the Thunderbird mail client and the Seamonkey suite.
What Should You Do?
- If you use any version of Firefox, or any product derived from Firefox, such as the Thunderbird email client or the Seamonkey Internet suite, and you have the affected program or programs set to automatically update, the program should automatically update itself the next time you start it.
- If you are still using version 1.x of Firefox, you should upgrade to version 2.0.0.1, which is the latest version of the web browser. Support for older versions of Firefox will be discontinued next April. This major version upgrade is not automatic, which you can do from http://www.mozilla.com/en-US/firefox/.
- You should verify that all versions of Firefox, Thunderbird, and Seamonkey are configured to automatically check for updates each time they start. This is their default behavior.
Upgrade Pages
References
David Gray, MBA, Chief Wizard
WizardWrx, formerly P6 Consulting |
 |
V: +1 (817) 812-3041
TZ: USA Central, GMT -6
E: dagray@wizardwrx.com
W: www.wizardwrx.com
|
5006 Cloyce Court
North Richland Hills, TX 76180-6944
USA |
 |
| Tell me what you need, and I’ll conjure it. | |