Mozilla patches 12 Firefox flaws

Browser version 44 fixes three critical vulnerabilities

Mozilla has patched several vulnerabilities putting users of its Firefox browser at risk of cyber attacks.

The open source firm released version 44 of its browser on Tuesday, and issued an update listing 12 fixes on its security advisory board.

Three of those are listed as 'critical' vulnerabilities, and concern unsafe memory manipulation, buffer overflow in WebGL, and other memory safety hazards.

Advertisement - Article continues below

Another two were classified as high', which could involve an attack harvesting data from a user during their regular browsing activity. These involved address bar spoofing attacks, by which an attack could create a fake address bar when a user opened a new tab, and some code errors in the browser's Network Security Services.

The remaining vulnerabilities were listed as moderate', and included minor performance delays for file downloads on OS X and a missing delay following user click events.

Earlier this month, Firefox issued a blog update about issues some users have had with devices such as security scanners and antivirus products, after Firefox rejected sites using the SHA-1 certificate, which is in the process of being phased out.

Firefox updated its private browsing functions last year to make it simpler for users to stop companies tracking their browse usage.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/security/encryption/355820/k2view-innovates-in-data-management-with-new-encryption-patent
encryption

K2View innovates in data management with new encryption patent

28 May 2020
Visit/software/video-conferencing/355410/zoom-50-adds-256-bit-encryption-and-ui-refresh
video conferencing

Zoom 5.0 adds 256-bit encryption to address security concerns

23 Apr 2020
Visit/security/hacking/355382/whatsapps-flaw-shoulder-surfing
hacking

WhatsApp flaw leaves users open to 'shoulder surfing' attacks

21 Apr 2020
Visit/security/cyber-security/355368/microsoft-builds-ai-to-detect-security-flaws-with-99-accuracy
cyber security

Microsoft AI can detect security flaws with 99% accuracy

20 Apr 2020

Most Popular

Visit/operating-systems/microsoft-windows/355812/microsoft-warns-against-installing-windows-10-may-2020
Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
Visit/security/data-breaches/355777/easyjet-faces-class-action-lawsuit-over-data-breach
data breaches

EasyJet faces class-action lawsuit over data breach

26 May 2020
Visit/security/cyber-security/355797/microsoft-bans-trend-micros-rootkit-buster-from-windows-10
cyber security

Microsoft bans Trend Micro driver from Windows 10 for "cheating" hardware tests

27 May 2020