Mozilla fixes 14 bugs in Firefox 12

The critical flaws patched in Firefox 12 include off-by-one error in OpenType Santizer, crash with WebGL content using textImage2D, potential memory corruption during font rendering using cairo-dwrite, invalid frees causing heap corruption in gfxImageSurface, use-after-free in IDBKeyRange, multiple security flaws in FreeType vw.4.9, and miscellaneous memory safety hazards.

Mozilla also plugged four highly rated and three moderately rated flaws. The company did not release fixes for Firefox 3.6 browser, which it retired this week.

In addition, Mozilla introduced silent updates for Windows users and made 85 improvements to built-in developer tools for the Firefox browser. "For example, developers no longer need to reload the page to see messages in the web console, and Scratchpad adds Find and Jump to Line commands to the editor. Our improvements touched on every one of the built-in tools", Mozilla said in a blog.

“Firefox simplifies the update process for Windows users by removing the user account control dialog (UAC) pop-up while maintaining the security of your system. Once a user gives explicit permission to Firefox on their first installation, they will not be prompted again for subsequent releases”, Mozilla added.

What’s Hot on Infosecurity Magazine?