Mozilla rolls out a Firefox security update that patches 13 vulnerabilities, eight of them judged "critical." The overall update has been tagged as "highly critical."
Mozilla Corp. late Wednesday began rolling out a Firefox security update that patched 13 vulnerabilities, 8 of them judged "critical" by the Mountain View, Calif. open-source developer.
The update, which brings Firefox to 220.127.116.11, automatically downloads to existing copies of Firefox 1.5.x, but can also be retrieved in its entirety from the Mozilla Web site in versions for Windows, Linux, MacOS X in 37 localized editions.
Danish vulnerability tracker Secunia tagged the overall update as "highly critical," the second-from-the-top threat ranking. "[These] multiple vulnerabilities can be exploited to conduct cross-site scripting attacks or compromise a user's system," Secunia's online research note read.
A majority of the bugs will allow an attacker to introduce his own code to a vulnerable system; several of them can be exploited by posting malicious code or content on Web sites and enticing users to visit those sites.
On Thursday, Mozilla updated its Thunderbird e-mail client to 18.104.22.168 by fixing 12 flaws, only one of which was elevated to "critical" (10 were labeled as "moderate"); the independent SeaMonkey project, which took over development of what had been the Mozilla browsing suite, posted fixes to the SeaMonkey bundle as well. Version 1.0.3, which can be downloaded from here, patched 14 vulnerabilities, all but one shared with Firefox.
The next-generation Firefox, meanwhile, continues to evolve on a separate track. Firefox 2.0 -- which released in Beta 1 two weeks ago -- is to move to Beta 2 on Aug. 8 and ship in final form on Sept. 26, according to a Mozilla release calendar.
IT's Reputation: What the Data SaysInformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
What The Business Really Thinks Of IT: 3 Hard TruthsThey say perception is reality. If so, many in-house IT departments have reason to worry. InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business views IT's performance in delivering services - and, more important, powering innovation. The news isn't great.
InformationWeek Must Reads Oct. 21, 2014InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.