‘Severe’ flaws in Firefox and Opera patched

red cross

Mozilla and Opera have both released updates for vulnerabilities in their internet browsers, with some flaws described as both critical' and extremely severe'.

With the Firefox 3.5.4 patch, 11 vulnerabilities have been fixed - with six of them described as critical.

The critical flaws left the previous version of Firefox open to attacks from hackers who could run code and install software, even if the user was browsing normally.

One of the vulnerabilities (MSFA 2009-64) was causing crashes, with some showing evidence of memory corruption. With some effort' these crashes could have been exploited to run arbitrary code.

The 10.01 patch for the Opera browser fixed three security vulnerabilities, with one rated extremely severe and two as less severe.

The extremely severe flaw left Opera open to an attack where specially crafted domain names would cause a memory corruption, leading to a crash. Successful exploitation could have allowed a hacker to run arbitrary code.

Firefox 3.54 and Opera 10.01 should be available automatically to existing users and include various other tweaks and improvements.