Both security updates need to be deployed as soon as possible

Sep 7, 2011 16:08 GMT  ·  By

Two new releases of Mozilla’s open source browser are now available for download to end users, namely Firefox 6.0.2 and Firefox 3.6.22. Customers need to deploy either Firefox 6.0.2 or Firefox 3.6.22, depending on the version of the browser they’re currently running, and they should update as soon as possible.

Christian Legnitto, Firefox release manager at Mozilla, explained that Firefox 6.0.2 and Firefox 3.6.22 come to increase user security in the context in which the company needs to provide protection against spoofed DigiNotar certificates leveraged in attacks in the wild.

“Firefox 6.0.2 and Firefox 3.6.22 are now available as free downloads for Windows, Mac, Linux, and Android,” Legnitto stated.

“As always, we recommend that users keep up to date with the latest stability and support versions of Firefox, and encourage all our users to upgrade to the very latest version.”

At the end of August 2011, Mozilla provided users with Firefox 6.0.1 and Firefox 3.6.21, also security updates designed to remove the DigiNotar root certificate, after attacks exploiting fraudulent SSL certificates issued by the Dutch certificate authority were confirmed.

At that time, the open source browser vendor had made an exception for Staat der Nederlanden certificates. Issued by a DigiNotar intermediate for the Dutch government, the Staat der Nederlanden certificates were considered safe at first, a perspective which has since been corrected.

“Firefox 6.0.2 and Firefox 3.6.22 remove trust exceptions for certificates issued by Staat der Nederlanden,” Legnitto stated.

This means that Mozilla has revoked all DigiNotar certificates, and that users of Firefox 6.0.2 and Firefox 3.6.22 will not get access to sites that use them, spoofed or not.

“We strongly recommend that all Firefox users upgrade to these latest releases. If you already have Firefox, you will receive an automated update notification within 24 to 48 hours,” Legnitto added.

Firefox 6.0.2, Firefox 8 Aurora and Firefox 7 Beta for Windows are available for download here. Firefox 6.0.2, Firefox 8 Aurora and Firefox 7 Beta for Linux are available for download here. Firefox 6.0.2, Firefox 8 Aurora and Firefox 7 Beta for Mac are available for download here.