10 Security Fixes Included in Firefox 25

Five of the vulnerabilities are considered critical

By on October 30th, 2013 09:39 GMT

Firefox 25 is now available for download. The latest version of Mozilla’s web browser comes with some interesting improvements, such as real-time sound processing, but it also brings a total of 10 security fixes.

Five of the issues have been catalogued as being critical, which means that cybercriminals can exploit them to run code and install software without user interaction being required.

The list of critical vulnerabilities includes use-after-free flaws in HTML document templates and when updating offline cache, and a memory corruption bug with the JavaScript engine when using workers with direct proxies.

Miscellaneous memory safety hazards and use-after-free issues found through ASAN fuzzing have also been addressed.

The high-impact security holes include an access violation issue with XSLT and initialized data, and a security bypass of PDF.js via iframes, and a potentially exploitable crash caused when a cycle collected object is released on the wrong thread during image decoding.

Users are advised to update their installations to protect themselves against hacker attacks that might leverage these vulnerabilities.

Download Firefox for all platforms from Softpedia.
Firefox 25 is available for download
   Firefox 25 is available for download
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments