On the second day of Christmas, Mozilla gave two Firefox version 9s

Mozilla released version 9 of its Firefox browser with fixes for a number of memory safety bugs in the browser engine; then, 24 hours later, it released 9.0.1 to fix a bug
Mozilla released version 9 of its Firefox browser with fixes for a number of memory safety bugs in the browser engine; then, 24 hours later, it released 9.0.1 to fix a bug

Mozilla released the update to the update for all platforms, although Windows users were “mostly unaffected”, wrote Mozilla developer Alek Keybl in a Bugzilla post. To fix the problem, developers removed a faulty patch that was included in version 9.

With Firefox 9, Mozilla fixed memory safety bugs in the browser engine used in Firefox and other Mozilla products, such as the Thunderbird 9.0 email product and the SeaMonkey 2.6 browser, email, and news alert suite.

“Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code”, Mozilla said in its security advisory.

Mozilla stressed that the flaws could not be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but they are a potential risk in browser or browser-like contexts in those products.

“These vulnerabilities did not affect the older browser engine used prior to Firefox 4”, Mozilla added.

What’s Hot on Infosecurity Magazine?