Firefox 3.5.8 Closes Security Holes

Mozilla yesterday released updates for its Firefox Web browser to shore up vulnerabilities in the 3.5.x and 3.0.x browser versions.

Three critical flaws (MSFA 2010-01, 2010-02 and 2010-03) all involve memory-related errors that could potentially allow an attacker to run any command on a victim PC. According to the advisories, the holes are already fixed in the recently released Firefox 3.6.


The patches also fix two other flaws that could lead to cross-site scripting attacks, but are only rated moderate (MSFA 2010-04 and 2010-05).

The updates are available for Windows, Mac and Linux, and will bump up the browser versions to 3.5.8 or 3.0.18. If you haven't already seen the automatic update pop-up, head to Help | Check for Updates to get the patch.

To comment on this article and other PCWorld content, visit our Facebook page or our Twitter feed.
Shop Tech Products at Amazon
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.