10 Security Fixes Included in Firefox 25

Five of the vulnerabilities are considered critical

Firefox 25 is now available for download. The latest version of Mozilla’s web browser comes with some interesting improvements, such as real-time sound processing, but it also brings a total of 10 security fixes.

Five of the issues have been catalogued as being critical, which means that cybercriminals can exploit them to run code and install software without user interaction being required.

The list of critical vulnerabilities includes use-after-free flaws in HTML document templates and when updating offline cache, and a memory corruption bug with the JavaScript engine when using workers with direct proxies.

Miscellaneous memory safety hazards and use-after-free issues found through ASAN fuzzing have also been addressed.

The high-impact security holes include an access violation issue with XSLT and initialized data, and a security bypass of PDF.js via iframes, and a potentially exploitable crash caused when a cycle collected object is released on the wrong thread during image decoding.

Users are advised to update their installations to protect themselves against hacker attacks that might leverage these vulnerabilities.

Download Firefox for all platforms from Softpedia.

Hot right now  ·  Latest news