Chicago (IL) – Mozilla patched a “critical” security issue in Firefox 3.5 less than a month after the browser’s release. Version 3.5.1 corrects “several” vulnerabilities, including an exploitable memory corruption problem that could allow an attacker to access client computers.
Released over the weekend, the patch follows news from July 2 that Mozilla would move quickly to fix Firefox. The update was initiated as a “quick turnaround” update that “fixes topcrashes and bugs [Mozilla] almost held ship for.” The new version 3.5.1 also covers a cryptography issue under Windows XP as well as disconnected Arabic letters in edit fields.
Mozilla appeared to be aware of the security problem at the time of browser release, but decided to launch the browser nevertheless in order to keep its promise to introduce Firefox 3.5 in the second quarter. According to Mozilla, Firefox has been downloaded more than 30 million times since its launch on June 30. Data provided by Net Applications indicates that Firefox 3.5 currently stands at about 4% market share.
The latest version 3.5.1 can be downloaded from Mozilla's website.