14 DAY TRIAL // Mozilla has issued an update for users of Firefox 3.0, the branch soon to be discontinued. Addressing vulnerabilities that have been already patched in Firefox 3.6, the new release includes all the changes delivered in Firefox 3.0.17 and is available for immediate download right here on Softpedia.
The official release notes for Firefox 3.0.18 say that the new version fixes issues found in previous versions of Firefox 3, including “several security issues”. Detailed elsewhere on the Mozilla.org web site, the bugs are listed as three critical flaws in the browser’s Gecko rendering engine, the HTML parsers, and their implementations of Web Worker, the enhanced scripting functionality allowing site developers to shift JavaScript computations to a background thread. This reduces the performance hit on Firefox’s user interface, according to Mozilla.
All three of these vulnerabilities would allow hackers to inject malware onto machines running older versions of Firefox. Mozilla’s advisories reveal that “some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.”
However, only one of the three vulns is critical. The remaining two, labeled as “moderate” in Mozilla’s scoring system, are bugs that could be exploited in cross-site scripting attacks, the notes show. As noted above, the recently-found vulnerabilities have already been addressed in Mozilla 3.6, therefore users of this branch don’t have any updates to perform at the moment.
It is also worth noting that the release of Firefox 3.0.18 shows Mozilla’s commitment to continue supporting the older branch. Its drop was slated for January, yet Mozilla is yet to take steps in this direction. To download the latest version of the Mozilla Firefox web browser for Mac OS X, use the link below.