Security Updates for Firefox and Co
The Mozilla Foundation has just released Version 220.127.116.11 of its Firefox browser. The update fixes two security bugs. And there are new versions of both Thunderbird and Seamonkey.
One of the issues also affects Linux systems. The security hole described on this page gives would-be attackers the ability to escalate privileges. According to Mozilla the bug also affects the Thunderbird mail client and the Seamonkey browser. An update will be available to fix the bug, but Mozilla has not yet released it.
The second security hole, which only affects Windows systems, gives the attacker the ability to launch arbitrary pre-installed programs. To allow this to happen the user would need to have called a special URL that compromises system if Internet Explorer 7 is also installed.
Firefox version 18.104.22.168 is available as a download from the Mozilla Foundation website. Updated packages for various distributions should be hitting the repositories any day soon. In the Release Notes developers advise all users to switch to the new version.