Web Hosting Blog

Mozilla has released an updated version of Firefox browser. This new release covers 11 vulnerabilities that exposed users to code execution information stealing or denial of service attacks.

4 out of 11 vulnerabilities were considered critical.

The 4 critical vulnerabilities are as follows :

1. MFSA 2008 53 XSS and JavaScript privilege escalation via session restore. The feature available with the Firefox browser of session restore has a flaw of violating the same origin policy and run JavaScript in another site. This vulnerability could also be used by an attacker to run arbitrary JavaScript with chrome privileges.
2. MFSA 2008 55 Crash and remote code execution in nsFrame Manager. This vulnerability was a part of Mozilla’s DOM code which could be exploited by modifying properties of a file input element before it finishes initiating. An uninitialized memory is accessed by the browser which resulted in crash. The crash might be used by an attacker to run arbitrary code on the victim computer.
3. MFSA 2008 52 crash with evidence of memory corruption. The developers of Mozilla identified and fixed many stability bugs in the browser engine used by Firefox and other Mozilla products. Some showed evidence of memory corruptions under certain circumstances
4. MFSA 2008 54 buffer overflow in http index format parser. In this flaw Mozilla parsed the http index format MIME type. By sending a specially crafted 200 header line in the http index response an attacker can cause the browser to crash and also run arbitrary code in the victims computer.

All these critical 4 faults have been fixed along with the rest not so critical flaws.

Mozilla would soon release a Private Browsing version of Firefox, also called as the Porn Mode.

Private browsing Mode does not keep any traces of the web activities on the computer. Private browsing should not be misunderstood as being anonymous over the web or from the ISP’s (Internet service providers) neither does it keep users protected spyware or malware. What Firefox does is, it clears the data of users online activity.

Apple’s Safari, Google’s Chrome and Microsoft’s Internet Explorer 8 Beta version 2 already have the Private Browsing Mode also know as the Porn Mode.

This update will be available publicly on Firefox 3.1 Beta 2, which is soon to be released. Users can download the current developer built version from Mozilla Developer Page.

Firefox has introduced its next generation fastest browser “Minefield” is probably the fastest javascript engine. With this browser the future seems to be really fast for Firefox.

Web masters say that Minefield is almost 10% faster than Google Chrome. Though this is a pre-release and is an alpha version of Firefox.

To test the browser Click here to download. This is a completely separate browser so you need not worry, it will not upgrade your current Mozilla browser.

This new superfast browser is built to suite Mac OS X, Linux and Windows.

So why waiting, click the link above, download, install and experience the browser yourself.

Mozilla releases a technology that helps websites detect the Physical location of computers using Firefox browser.

This new technology will help users find locations such as Re-fueling stations, restaurants, Hospitals etc. when traveled to new towns.

This new project is named as “Geode”. It uses a W3C geolocation technology of version 3.1 Firefox. It is still an experimental project, but if implemented successfully, it will be of great use to users.

Skyhook is the firm that has made this new technology. It figures out a computer’s location from a nearby wireless network. It is called a Loki system which determines with an accuracy of 10 to 20 metres within few seconds of the hit of the button.

Mozilla claims that Geode will have a range of different applications.

Mozilla is still working on Geode specifics, and are not sure if one or two or more selectable service providers would provide the information such as GPS-based, WiFi based or manual entries.

Users can use this release with beta releases of Firefox 3.1 and alpha releases of Fennec.

Any person having a WiFi laptop can use this technology for the time being. With Mozilla Geode, when a website would request your location a notification bar will ask about the information you want to furnish to that site. You can even deny giving any information, so Mozilla seems to have kept the privacy factor intact.

The current service provider is Skyhook, so for sometime both locations and IP information will be sent to them.

Users can download Geode from the below given URL :

https://people.mozilla.com/%7Edolske/dist/geode/geode-latest.xpi