OPEN SOURCE outfit the Mozilla Foundation has had to issue a patch for a problem with a Firefox browser update issued just days ago.
On Friday Mozzarella shipped Firefox 3.6.8 to patch one security problem that it said was "a stability problem that affected some pages with embedded plug-ins."
A red-faced Mozilla advisory said that in certain circumstances properties in the plug-in instance's parameter array could be freed prematurely, leaving a dangling pointer that the plug-in could execute, potentially calling into attacker-controlled memory.
The bug was in one of the 16 patches that Mozilla applied to Firefox earlier.
The problem appears to involve Adobe's Flash Player plug-in, which freezes when you watch a YouTube video after updating to Firefox 3.6.7.
It turned out that a new "out of process plug-ins" feature designed to keep the browser running when a plug-in crashed was kicking in too quickly. µ
Yep, Internet Explorer and Safari have perfect security records. Oh wait.... Source model is practically irrelevant here.
Firefox 3.6.6, 3.6.7 and 3.6.8 are unusable on my Win7 PC; I get regular crashes now, so I'm not happy!
Firefox 4 Beta 1 seems far more stable, but Flash seems a touch unstable in it, e.g. a Flash video stutters every so often in it, probably because Flash crashed and was restarted.
I blame Adobe for not making their shoddy Flash code more stable.
Adobe's Flash had to be involved somehow...
Open Source = Open Door
Well I for one am gobsmacked.
I cannot BELIEVE that a hole in this particular browser has been found - And just days after the last one!
That's never happened before to Mozilla FireProof. Has it?
Oh.