The patch – to 4.0.1 – reportedly fixes more than 50 bugs in the browser software, and makes the client a lot more stable, Infosecurity notes, as well as extending the number of addins that will work with the software.
According to Mozilla, one of the major updates is a fix for a memory corruption problem that caused the browser to crasj or,. more often, to fail to load previously saved URL tabs when resuming the browser after a Windows restart.
The good news is that Firefox 3.6 has also been updated with some elements of the update, suggesting that Mozilla's accessibility architecture, which the company announced would allow easy code ports from Firefox 3.x to 4.x, is being used.
The 4.0.1 update also remediates a critical vulnerability that can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
Mozilla also reports that a second vulnerability that has been fixed can be used to gather sensitive data from sites in other Windows or inject data or code into those sites, requiring no more than normal browsing actions.