Slashdot Mirror

← Back to Stories (view on slashdot.org)

Firefox 3.6.4 Released With Out-of-Process Plugins

Posted by kdawson on from the bye-bye-crash dept.

DragonHawk writes "Mozilla Firefox 3.6.4 went to general release today. The big new feature in this release is out-of-process plugins (OOPP). This means things like Flash, Java, QuickTime, etc., all run in separate processes, so when Flash decides to crash, it won't take your browser out with it. If Flash starts consuming all the CPU it can find, you can kill it without nuking your browser session. I've been using this feature since it was in the 'nightly build' stage, and it was still more stable than 3.6.3, just because Flash was isolated." And reader Trailrunner7 supplies another compelling reason to download 3.6.4: "Security researcher Michal Zalewski has identified a problem with the way Firefox handles links that are opened in a new browser window or tab, enabling attackers to inject arbitrary code into the new window or tab while still keeping a deceptive URL in the browser's address bar. The vulnerability, which Mozilla has fixed in version 3.6.4, has the effect of tricking users into thinking that they're visiting a legitimate site while instead sending arbitrary attacker-controlled code to their browsers."

4 of 261 comments (clear)

  1. UI Lag by electrosoccertux · · Score: 4, Insightful

    now can we do something about the rest of the awful browser?

    Open 20 tabs and the entire thing chugs to a grinding halt as only one (1) of my four (4) processor cores gets maxed out. So much for the "multithreading" everybody says that Firefox.
    The same list of 20 tabs peg all my cores to 100% for a few seconds and then they're all done rendering, when I'm using Chrome. No thanks Firefox. You guys are ancientsauce.

    1. Re:UI Lag by dakameleon · · Score: 4, Insightful

      Don't forget the ponies!

      --
      Man who leaps off cliff jumps to conclusion.
  2. Re:Opera! by luckymutt · · Score: 5, Insightful

    However it it was really all that, it would have a much larger fan base.

    Popularity != better. Since IE has the largest fan base, you're saying that IE is the browser that is "all that?"

    Just because they have had something for a while now, does not mean that Firefox, which is a far more popular browser, getting it is not a big deal.

    Sure it's a big deal. Although it would have been a bigger deal if they were the first on the block to have gotten it.

    Opera people always crack me up.

    FF fanbois always crack me up. Do you people ever get tired of the pissing contest? Ever? And by the way, I am typing this in Konqueror. Suits my needs well enough.

  3. Privilege separation, anyone? by FraGGod · · Score: 5, Insightful

    Ok, now that we're able to put flash code in a separate proc, my question is: can we cut it's privileges so another (monthly) "zero-day vulnerability" will finally become just a tale to scare little children?
    Strangely enough, with all the concern about flash security, article seem to miss that point.