Slashdot Mirror
Firefox Updated to 1.0.4
Exstatica writes "Firefox has been updated to 1.0.4 and they have fixed a few critical security holes, all javascript vulnerabilities. The Mozilla Foundation announced these vulnerabilities May 7th. 'There are currently no known active exploits of these vulnerabilities although a proof of concept has been reported." You don't have to upgrade, but it's recommended.'" We've reported on these vulnerabilities previously.
yes, I know the arguments behind it...but it would be relly nice if update didn't involve simply downloading installer (on mine 128kbps it's so so...and on slower?)
One that hath name thou can not otter
These issues were announced on Monday, and now a security release is available. This shows how professional the Mozilla Foundation has become and how serious they take security issues. Good work! Security problems will inevitably appear from time to time in all kinds of software, how these issues are handled is to me just as important as the software itself. Good job!
9/11: Never forget it was a false-flag operation
Posting from 1.0.4 right now. Funny thing, after I upgraded and restarted the browser, I still had the "updates available" little red arrow on the top right corner of the browser. After checking for upgrades (and finding none), it's disappeared. Bug? Leftover registry entry or config file from 1.0.3?
---- Take the Space Quiz!
While I don't care for the update process, I am exceedingly impressed that Mozilla makes fixes so quickly, and doesn't try to hide them (like another browser company has done in the past). Professionalism...very nice to see this from Mozilla. Kudos!
I'm not a troll, but I play one on Slashdot.
I copy the exe installer into a folder on a windows share, explorer crashes when I access the folder from certain clients. Same happened with 1.0.2 but not with 1.0.3
I wildly guess it's a race condition or something arising from reading the embedded icon resourse as that doesn't show? No I don't really have a clue what causes it.
All machines are fully patched W2K, thank buddha for memory sticks!
Why can't we have extensions that don't die just because they changed the release number?
Extension authors can't keep up.
Mozilla Update is slow to update itself.
and Users like me are left looking to google for help.
Silly me thought Mozilla Update there to centralized things.
Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
I kick myself in advance for replying to an AC, but what do you define as "quite a few?" More than IE? How about resolution -- faster than IE?
This sounds suspiciously like flamebait.
Mit der Dummheit kämpfen Götter selbst vergebens.
Bullshit. Microsoft fixes a lot of problems quickly but the monthly release schedule that they have moved to means that you'll only get those patches every four weeks unless it's critical.
As a system admin for our company, every new Firefox release means that I will have to go around to 150 workstations and manually reinstall the browser again to keep it up to date. I wish there was some sort of way to remotely update the browser on all machines or a way to patch vulnerabilities without a full reinstall.
Does middle clicking on a link open a new tab for OS X yet? The last I heard you had to patch FF to enable this feature. Middle clicking works fine on Safari, it's one feature I really miss when using FF on OS X.
--- if y cn rd ths y cn gt a gd jb n cmptr prgmmng!
My wife pointed out an article on Google News (that I had already seen earlier) showing that Firefox had some security vulnerabilities. She winced because I had just converter her to Firefox. I told her not to worry. I said, "Mark my words, there will be a security fix within a week." Well, today the fix was released and she was impressed. Not only has the Firefox development team improved the product, but they have made my wife happy! Life is good!
My mom always said, "Jim, you're 1 in a million." Given the current population, there are 7000 of me. God help us all!
I switched to Firefox because I was sick of using IE. Ever since I've switched, AdAware has found ZERO spyware/malware incidents!
To IE's meager defense, I'm sure there might have been a setting somewhere that might have tightened up the holes, but switching to Firefox has been easier. Plus, I'm addicted to the tabbed browing.
Why are there only 19 people folding@home for slashdot?
Back in the day when I first downloaded FireFox, one of my favorite parts of using it was how fast it would load up the first window when opened. It was almost instantaneous.
The more I use it, the longer this actions takes. It doesn't matter if I clear cache and cookies, un-install plugins, or just plain uninstall and reinstall the browser.
Is it simply the newer versions that cause it to load so slowly? My roommate has the same problem. Is anyone else experiencing this and is there an answer?
Responses greatly appreciated. Thanks.
> With my hardware firewall, and ActiveX disabled I am not afraid to use IE.
That's what I thought, too, until about a year ago.
I caught a trojan on my "good" box - the one I use for online banking. Firewalled behind a hardware NAT router with SPI and with the XP firewall added in for good measure. No pr0n- or warez-sites visits. No e-Mail. All patched up according to Windows Update. I'm the only one who had access to that system. No warezed stuff installed. Antivirus and SSD active and updated.
That was scary.
I stopped using IE right there and then.
Point taken, but let's bear in mind that this POC can't evolve into a worm. It can't even evolve into an exploit now that the only site on the default whitelist no longer exists.
That's why they didn't put out a stop-gap fix release at the beginning of the week--the threat had passed completely.
Firefox developers got lucky this time--they could remove the threat with a simple server-side modification. With most vulnerabilities of this severity, that's not an option.
"With sufficient thrust, pigs fly just fine. However, this is not necessarily a good idea...."
RFC 1925
Well, generally I agree with you. However, when it comes to correctly rendering UTF-8 pages, specially with Arabic characters, firefox has some very well known bugs that have not been fixed now for ages. The most annyoing one is a bug in rendering arabic decimal number: It shows all numbers like 1.4 as 4.1! Of course, IE renders such pages perfectly.
I have norton internet security installed on my computer and when I installed the new update for firefox I can no longer access the internet with firefox (using IE right now, something which I would like to stop as soon as possible). When I disable norton's firewall firefox works. Anyone have this problem as well and maybe know how to fix it?
As far as I could tell Mozilla had a fix before the exploits where made public. I downloaded the nightly trunk version of FF a couple of days before the exploits went public and found that the issue was allready resolved =)
The real question is... Why has your administrator disabled firefox?
________________________________________________
suwain_2
Please do pay a visit to the CSS Zen Garden and compare IE renderings to FF renderings.
the Special Effects Designs are the most interresting ones in terms of IE sucking badly, BTW...
"The way we can tell it's C# instead of Haskell is because it's nine lines instead of two." -- wadler
You say the interface is "less friendly than IE", but what you really mean is: "I'm used to IE, and it's not identical to IE." I use FF exclusively on my computer, but on some computers sometimes, I have to use IE, and /I/ find the IE interface "less friendly than" FF, because I'm used to FF. It's all personal preference, neither is really better.