Firefox gets security update

Posted by Mark Raby

Mountain View (CA) - Mozilla has launched a new Firefox update to patch a handful of security issues.

The biggest part of this latest update is that it takes care of a vulnerability in the way the Internet browser handles "jar:" protocol.  The security hole first became evident in February but it wasn't until recently that the potential harm was demonstrated.  

The vulnerability in Firefox's jar: handler could lead to problems such as a hacker being able to steal a remote victim's entire list of Gmail contacts.

The 2.0.0.10 update also corrects unspecified memory corruption vulnerabilities and "referrer-spoofing via window.location race condition."

Users will receive the update automatically, or can download the new version from Firefox.com.