ID: IRCNE2012101639
Date: 2012-10-13
According to “CNet”, Mozilla released a new version of Firefox (Windows, Mac), one day after yanking the Web browser to address security flaws.
Firefox 16 was pulled off Mozilla's installer page, just one day after its release, to fix a vulnerability that could have allowed a malicious site to identify which Web sites a user had visited, said Michael Coates, Mozilla's director of Security Assurance. The flaw was publicly disclosed by security researcher Gareth Heyes, who published proof-of-concept code to demonstrate the vulnerability.
Though Mozilla said it had no evidence that the vulnerability was being exploited in the wild, the company recommended that users who had upgraded to version 16 downgrade to version 15.0.1, which was deemed unaffected by the flaw.
The new version -- Firefox 16.0.1 -- was released to Mozilla's upgrade servers and was pushed to users who had previously downloaded Firefox 16. A fix for the Android version of Firefox was released last night.
Mozilla also provided more information about the nature of the flaw, which it rated as critical.
The new version of the Web browser landed Tuesday with support for HTML5, indicating that Mozilla has decided it has matured enough to run in the browser without causing instability. The new version includes CSS3 Animations; Transforms; Transitions; Image Values; Values and Units; and IndexedDB.
- 2