New Version - Mozilla Firefox 2.0.0.7 Final

Thanks.

camino is better and faster...IMO

Browser updated a few days ago. Thanks though.

You will rarely see any differences in new updates, just security patches.

.


Firefox 2.0.0.7 has been released to protect against a "critical" vulnerability exploitable through QuickTime files.

No other changes are mentioned in the release notes.

The problem is that QuickTime files can contain a command to launch the default browser. This can be exploited by including Firefox parameters to cause script commands to be executed and run with user privileges. If the user has administrative privileges, this could be used to instal malware or carry out other malicious activities.

The cure has been to remove Firefox's ability to run command line scripts.

"[Version 2.0.0.7] will protect Firefox users from the public critical security vulnerability until a patch is available from Apple," said Window Snyder, Mozilla's head of security strategy. "I would like to personally thank the individuals at Apple who worked with us and the engineers at Mozilla that work so hard to get security updates out so quickly."

The fix in Firefox 2.0.0.5 for a vulnerability created by the interaction of Firefox and Internet Explorer was originally thought to protect against an entire class of vulnerabilities, "but QuickTime calls the browser in an unexpected way that bypasses that fix," according to a Mozilla Foundation advisory. Furthermore, this particular issue is not caught by changes introduced to QuickTime 7.1.5 to prevent such exploits.

.