(LiveHacking.Com) – Mozilla has released Firefox 8 which includes better user control of add-ons and integrated Twitter search. But more importantly it contains several ‘Critical’ security related bug fixes. Mozilla also updated Firefox 3.6.24 with many of the same fixes.
A ‘Critical’ vulnerability can be used to run arbitrary code and install software, without user interaction or knowledge.
The ‘Critical’ bugs fixed in Firefox 8 include:
- MFSA 2011-52 – Code execution via NoWaiverWrapper
- MFSA 2011-49 – Memory corruption while profiling using Firebug
- MFSA 2011-48 – Miscellaneous memory safety hazards (rv:8.0)
The memory safety bugs, fixed by the Mozilla engineers, showed evidence of memory corruption under certain circumstances, and Mozilla presume that with enough effort at least some of these could be exploited to run arbitrary code. However there are no known exploits today for these bugs.
An additional ‘Critical’ bug was squashed in Firefox 3.6.24:
- MFSA 2011-46 – loadSubScript unwraps XPCNativeWrapper scope parameter (1.9.2 branch)
MFSA 2011-43 was fixed in Firefox 7 but it has now been discovered that it affects Firefox 3.6. The error could allow a malicious page to potentially exploit a Firefox user who had installed an add-on that used loadSubscript in vulnerable ways.