Firefox Tries Again for URI Fix, Adds Leopard Support
Monday, October 22nd, 2007Mozilla Corp. has released a critical security update to Firefox, taking a third shot at patching bugs in the way the browser can be used to launch programs from Web links.
The bug, rated ‘moderate’ by Mozilla, lies in the URI (Uniform Resource Identifier) protocol handling technology that is used to launch programs — an e-mail client for example — from within the browser. Over the past few months, security researchers have been discovering an increasing number of ways that this technology can be misused, often as a way to install unauthorized software on a victim’s computer.
The URI patch is one of eight security bug-fixes that Mozilla has pushed out with the 2.0.0.8 update, released late Thursday.