Mozilla fixes Firefox bugs

The Firefox update fixes a number of security holes and browser malfunctions that were discovered by Michal Zalewsky, a security expert, a few days ago. A flaw could be exploited by attackers to manipulate the information stored in the browser’s cookies, making it the most important solution of those included in the update, according to Window Snyder, the head of strategy for Mozilla security.

“The potential for compromising a user’s account is almost as serious as compromising their machine,” she said Friday. “Since the details of how to exploit the vulnerability are publicly available the risk to users is very great.” The update also includes a memory corruption issue that could be exploited to control unauthorized software on a user’s computer with Firefox ”.

This flaw could also affect Thunderbird users who have configured their mail client to handle JavaScript automatically, something Mozilla does not recommend. Thunderbird is Mozilla’s free email client.

The update is available through Firefox’s automatic update system, according to Snyder. Mozilla has fixed a total of 7 security holes in Firefox and 2 in Thunderbird.