Mozilla rushes Firefox 3.6.2 update to address zero-day vulnerability

Mozilla has released the first update for Firefox 3.6 (despite the .2 version number) that includes more than 100 bug fixes for several stability and security bugs.

Most notable in this release is a patch for a critical security vulnerability disclosed last week that could lead to remote code execution due to incorrect handling of a variable in the WOFF (Web Open Font Format) decompression routine. WOFF support is a new feature introduced in Firefox 3.6 so previous versions of Firefox are unaffected.

The vulnerability prompted the German government to recommend users to stop using Firefox, following a similar recommendation last January related to a security flaw in Internet Explorer.

Mozilla had initially scheduled the update for March 30th, a disappointing decision nonetheless considering Mozilla’s commitment to security and history. But they have made the right decision, pulled all the necessary efforts and has has released the security bug fix a week ahead.

To get the update, select Check For Updates… in Firefox’s Help menu, and follow the onscreen instructions. A stronger shield in less than one minute!

5 thoughts on “Mozilla rushes Firefox 3.6.2 update to address zero-day vulnerability”

  1. I’ve noticed a few blog post the last couple days talking about FF 3.6.2 coming soon. I don’t know about everyone else but about a week ago, my install of FF 3.6 updated to 3.6.2 through auto update…

    1. You’re probably in the beta channel for updates. If at some point you installed a beta or RC you will keep getting updates in beta or RC status as well for all future releases.

  2. After this update my FF browser does not connect to external sites inside my companies firewall.

    1. Ok, I resolved this with a help of my co-worker. This is a big deal for corp. users who have firewalls and need to enable proxy settings. Inside my firewall you need to enable a proxy or external sites do not work. I never had to do this except for this new ver 3.6.2. tools, options.advanced, network settings click on manual proxy config.

  3. They didn’t fix them all. The hide Menu Bar only works after restarting Firefox. I know it’s not my computer having problems. I just got this comp a few days ago.

    I have Windows 7 64-bit and all 32-bit apps work well with it.

Comments are closed.