Firefox 15 released: Seven critical vulnerabilities patched and stealthy updates too!

Filed Under: Firefox, Vulnerability

FirefoxThe folks at Mozilla released the latest version of Firefox web browser for desktop systems and mobile devices on Tuesday, fixing 16 security holes and a raft of stability problems.

The company also streamlined the browser's automatic update feature to more closely resemble the silent update feature of Google's competing Chrome browser.

Firefox 15 follows hot on the heels of version 14, which was released in July.

The update fixes for more than 2,200 discrete bugs, including 16 security vulnerabilities, seven of them labeled "critical."

Some of the fixes in Firefox 15

The critical fixes include a patch for the "new tab" privilege escalation vulnerability that Naked Security reported on in June.

Mozilla also fixed a bitmap processing error in which Firefox crashed when attempting to decode bitmap (.bmp) images with a negative height header value. The vulnerability caused a memory crash that could, potentially, be exploitable, Mozilla warned.

Mozilla touted improvements in the browser's memory management features which make it faster and provide for a "smoother and more responsive" browsing experience.

I'm not sure what's meant by that exactly, but users have long complained about memory leaks, especially during long browsing sessions and when multiple Firefox add-ons were running.

A cursory review of the bug fixes for version 15 of Firefox shows that around 170 were related to various browser "crashes," so smoother and more responsive may just mean 'it doesn’t crash as much.'

The improvements to the silent update feature mean that future software updates to Mozilla Firefox are installed in the background when the browser is operating.

Windows-style automatic updates have been around since the release of Firefox 12 in April, but limitations of the feature meant that users were still presented with prompts when restarting the browser after an update.

That aside, there were no strictly security-related features in the new release.

Firefox 14 click-to-play featureThat's in contrast to Version 14, which added features such as the "click to play" feature that blocked default loading of (potentially malicious) plug-ins as well as default secure HTTP (https) web searches using Google.

The company said that the browser's security features have been ported to the Android version of Firefox, providing comparable security for folks browsing on Android smart phones and tablets.

Mozilla's baby has been lagging well behind snappier competitors like Google's Chrome in recent months.

Use of Chrome has exploded in the last year, while Firefox's market share has been flat to slightly down.

Depending on which organization you ask, Google’s browser is either the most popular web browser, ahead of even Microsoft’s Internet Explorer - or battling it out with Firefox for second place.

, , , , ,

You might like

97 Responses to Firefox 15 released: Seven critical vulnerabilities patched and stealthy updates too!

  1. Steve · 728 days ago

    This is the best explanation of the memory manager improvements: http://blog.mozilla.org/nnethercote/2012/07/19/fi...

    It's also the blog for MemShrink project, which handles improving memory usage and reducing leaks.

    • Ryan · 728 days ago

      O.o, awesome!
      Thanks for the link. I don't think I've used Firefox in the last year+ just because the memory leak issue was getting so bad. If it truly is using less ram now, I may switch back. I hate how Google does it. I have 3 tabs open and that means 15 processes.

  2. David · 728 days ago

    Thunderbird has also been update (to V15) - but beware that the associated update to Lightning (v1.7 Calendar functionality) carries a dodgy file (according to my Norton Internet Security 2012): calbasecomps.dll - an essential component of Lightning. False Positive?

  3. Bob Pratt · 727 days ago

    I stopped using Firefox a couple of years ago, fed up with the endless tweaking and updating of it that just seemed to make my computer slower and crash more. Changed to Opera and never looked back.

  4. beth h · 727 days ago

    I am guilty of keeping many tabs open simultaneously. My question is: If I update Firefox, does it remember the pages that are currently open? (I always choose the preference for Firefox to "remember tabs from last session" but don't know if this would apply to the situation of a software update)

    Does anyone know this info?

  5. Steve L. · 727 days ago

    Firefox 15.0 arrived 8/30 and immediately crashed on startup. This happened again after rebooting. I uninstalled and reinstalled 15.0 with same result. I uninstalled 15.0, then installed 14.0, which worked just fine. On 8/31 I started up 14.0 and Firefox upgraded me to 15.0, which immediately crashed.

    They may have fixed many problems but started another set.

    • Jack Wilborn · 725 days ago

      Steve... Remember the old saying "step on one bug and a bunch more come to the funeral"?

  6. Nigel · 727 days ago

    Back when Mozilla Foundation released the Mozilla Suite, they were cutting edge, and promised to recapture the lost utility of the classic Netscape Communicator suite, which had been ravaged to destruction by AOL. Then MoFo got it in their heads to break up the suite into separate browser (Firefox) and mail client (Thunderbird) apps that "play nice with each other."

    Yet, for all their virtues (which arguably consist principally of being a more high-visibility alternative to Microsoft's IE and Outlook/Express than the Moz Suite ever was), they have never lived up their promise of "playing nice" anywhere near as well as the browser and mail apps continued to do in Moz Suite, and which they still do beautifully in SeaMonkey, the successor to the Mozilla Suite.

    Alas, Firefox has become a bad joke. I guess Thunderbird is still a decent mail client, but I don't know because I don't even bother with it any more. I just use SeaMonkey, which seems to have become the repository of the soul and spirit that Mozilla has lost.

  7. Carrie Gunn Sparks · 708 days ago

    I do user Firefox, but only because of a few must-have add-ons.

  8. Ron Todys · 708 days ago

    I dont sue anything with Firefox ;)

  9. Mike Thought · 708 days ago

    I'm gonna sue you.

  10. Becca Jacovel · 708 days ago

    Yes Firefox is my fav

  11. Alexander Spletter · 708 days ago

    I sue all kinds of browsers! So far they've all settled out of court.

  12. Ruairai Ó Broin · 708 days ago

    Poetic license?

  13. Michael Johnson · 708 days ago

    I personally use Google Chrome, mostly because later versions of Firefox tend to lock up when I'm browsing sites like nakedsecurity.sophos.com (:D) or watching YouTube videos. But still, good news.

  14. Maureen-Mo Myatt Specht · 708 days ago

    I tried it and it ended up freezing up all the time. I got rid of it..I did not like it.

  15. Jamie Naya Riedel · 708 days ago

    I use chrome :P nice typo by the way XD

  16. Katrina Dennehy · 708 days ago

    Windows explorer all the way!! Firefox and chrome are proned to malware and viruses

  17. Julio Czar Monteron · 708 days ago

    nope.. I don't sue firefox.

  18. Ian 'Equality' Bower · 708 days ago

    Chrome

  19. Chuck Fore · 708 days ago

    I'd SUE Microsoft IE, and I USE Firefox and Opera =)

  20. Michael Golden · 708 days ago

    Mine was updated this morning.

  21. Robert 'Rich' Rich II · 708 days ago

    I used to it got to bloated and I keep trying to go back maybe I will try again I really Like Chrome even though I know the Google is tracking me to a point but it is a fast Browser , hate the flash issues it causes though FF had the same issues with Flash .. love IE 10 on WIN 8

  22. Jane Ashwell-Carter · 708 days ago

    Good grief NO! Chrome all the way.

  23. Sash Seeruthun · 708 days ago

    No no. You're thinking of Apple.

  24. Matt Depew · 708 days ago

    I used to sue Firefox but now mainly file my issues with chrome

  25. Scott Colin · 708 days ago

    The household uses Firefox. I use Seamonkey. I wont use Chrome for any reason.

  26. Sue Hudson · 708 days ago

    firefox just did another update this morning

  27. Abraham Samuel · 708 days ago

    its use not sue!

  28. Sam Courlas · 708 days ago

    I use it's cousin "Seamonkey"

  29. Dave Larson · 708 days ago

    I like Firefox. I also use Chrome. On rare occasions, when circumstances demand it, I use IE 64bit.

  30. Eye Tea · 708 days ago

    Mozilla's SeaMonkey is the latest and greatest, especially for privacy. Firefox was the leader for a long time,then bloated itself which made Chrome look like a miracle until it rapidlyfollowed into bloated uselessness. Sea Monkey is extremely light on its feet, uses the vital plugins andmost importantly, starts quick, surfs quick and doesn't crash or freeze. Whatever else we want from a browser, these are essentials and cant be traded in or we move on. It's that simple.

  31. Karen Bailey · 708 days ago

    Firefox is great.

  32. Sherri Dollaway Schroeder · 708 days ago

    I like firefox because I tried chrome and for my game it was like dial up, why I am not sure.

  33. Randall K. Davis · 708 days ago

    A boy named Sue Firefox

  34. Paul Wilson · 708 days ago

    Chrome. I used Firefox when it was spun off from Mozilla. Since then it's become a bloated pile of junk much as Mozilla was.

  35. C.s. Miller · 708 days ago

    I didn't put FF on my new PC

  36. Timo Varin · 708 days ago

    Opera all the way; on my mobile, laptop and desktop.

  37. Shannon McCoy · 708 days ago

    I use to love Firefox. It's awful now. I switched to Chrome and it's been much better.

  38. Nicole Amendola · 708 days ago

    I use Firefox. I have never heard of Sea Monkey. Is it created by Mozilla? Does it have that awesome spell check feature where it underlines typos?

  39. Clyde Cameron · 708 days ago

    hmmmm...I'll certainly look at SeaMonkey next time FireFox slows to a crawl. Thanks for the tip. IE is for noobs.

  40. Gregoire Bedard · 708 days ago

    I use chrome & FF

  41. Lily Knol · 708 days ago

    Chrome for me.

  42. Andi Best · 708 days ago

    I love firefox - it's add-ons keep me loyal

  43. Mike Schutz · 708 days ago

    I haven't used Firefox since version 3.. I might check it out again in six months when they release version 32,516.

  44. Val Landau · 708 days ago

    I found Firefox unstable, I love Maxthon, never ever a problem

  45. Naked Security from Sophos · 708 days ago

    *sue*? Oops... "use". :-)

  46. Scott Bodkin · 708 days ago

    I'm still rocking Netscape and Mosaic!

  47. Craig Kensek · 708 days ago

    I leave the suing to Apple, Samsung, Google, etc

  48. Lindsay Minturn · 708 days ago

    Chrome!

  49. Cassandra Morrison · 708 days ago

    Goody, took them almost three months but you firefoxers are safe now...for a while.

    Yet Windows 7 was safe all the while...

  50. Ben Bristow · 708 days ago

    Downloaded FF normal + Palemoon 64bit and both felt really jerky and slow. Back to Chrome.

  51. Joop van Eijk · 708 days ago

    sue..? how do you do..

  52. Kurt Ferguson · 708 days ago

    Google Chrome - dev channel, for the most part, though I always have the latest Firefox Beta installed as well.

  53. David R Bellairs · 708 days ago

    Last time I tried Firefox I couldn't get it to work at all, which kinda put me off a bit. I used to love it up to v3.6, but then along came Chrome....

  54. John Haughey · 708 days ago

    Firefox is horrible. Haven't touched it for a long time.

  55. David Dzwonkoski · 708 days ago

    Thanks. Just clicked on About Firefox and it started downloading it.

  56. David Dzwonkoski · 708 days ago

    BTW, Windows 7 is safe? Safe from what, gonnorrhea?

  57. Maxine Finkelstein · 708 days ago

    I've never found it suable

  58. Shanlee George · 708 days ago

    I use Maxthon on my phone, rarely use desktop lol.

  59. Waylan Loyd · 708 days ago

    I got nailed by the Ransomvirus,it came up here on the feed w

  60. Kevin J. O'Conner · 708 days ago

    I stopped using Firefox when it suddenly stopped working one day. Now I use Chrome and Safari

  61. Waylan Loyd · 708 days ago

    Shortly after I read it ,thats when it got me,,had to completely wipe out drive

  62. Waylan Loyd · 708 days ago

    C:

  63. Waylan Loyd · 708 days ago

    I thought it had ur Logo at the top but not sure...

  64. Ross Walker · 708 days ago

    I used to use Firefox until the bookmarks stopped working and couldn't get an easy fix! Now I now use Chrome!

  65. Gene Bernier · 708 days ago

    ie8 4 now

  66. Georg Litty · 708 days ago

    Mainly Opera, except I need some of the AddOns only Firefox has.

  67. John W. Luther · 708 days ago

    Sueing is to expensive. I don't do it.

  68. Kevin Lim · 708 days ago

    chrome 21.0.1180.83 m

  69. Connie Ring Taunton · 708 days ago

    Ha, nice Freudian slip. Firefox user here

  70. Ski Gowitzke · 708 days ago

    I hope this fixes FF I was about ready to move elsewhere

  71. Brian Bosak · 708 days ago

    Too expensive to sue! I don't see what I'd sue them over anyways.

  72. Steven Byrd · 708 days ago

    Proofread much?

  73. Erwin Bernard Talento · 708 days ago

    It's good v15 was released as v14 is memory leaking out of control bloating up to 2gb in 4-hour browsing.

  74. Niki Vetten · 708 days ago

    If I look at google analytics on my sites IE is still king: 35- 40% because it is default for windows. Chrome and FF are about equal, around 20% each. Like most web developers, I use all the browsers but FF still has the best addons.

  75. Pat Berry · 708 days ago

    Firefox.

  76. Suganthan Mohanadasan · 708 days ago

    Firefox for the addons.

  77. George Possley · 708 days ago

    I use Firefox mainly on my Mac because Chrome has been killing my MacBook Pro CPU.

  78. Loqqy Free · 708 days ago

    It's on my old DOA machine still, can't remove it now, but glad I never installed FF on this machine. Phew, dodged another bullet...

  79. Lynn Dougherty Quin · 708 days ago

    I use both Firefox and Chrome.

  80. Andrzej Christopher-Josef Spang · 708 days ago

    Waterfox and Iron, The builds from the actual company's themselves are pretty dam shitty

  81. Tony Stipanic · 708 days ago

    Well, I'm sueing Firefox for a long time and I've never had any serious problems with it. And the new update makes it eat a bit less memory. I like it very much!

  82. Harald Wilke · 708 days ago

    Sue?

  83. Daniel Moore · 708 days ago

    Google Chrome is where the Google is.

  84. Jackie Coleman · 708 days ago

    I do use firefox but I prefer chrome

  85. Amanda Adams · 708 days ago

    sue?

  86. Ian Jones · 708 days ago

    My main browser is Seamonkey

  87. Scott Kuli · 708 days ago

    For the PC, I like Google Chrome. For the Mac, I like Safari. Chrome is MUCH faster than either Firefox or IE.

  88. Lynne Attwood · 708 days ago

    Chrome set me adrift, so I went back to Firefox. Annoying to be told you get no updates because your OS is too old (OS X 10.5.x), so good luck and goodbye to Google. I'd be interested to know over time how many Chrome users are stuck with an old version.

  89. Dave Bush · 708 days ago

    Up dated two days ago.. :-)

  90. Rich Barry · 708 days ago

    I use Firefox, Chrome, Safari and Comodo Dragon. No Internet Explorer.

  91. Tottie Limejuice · 708 days ago

    Use Firefox and never found the need to "sue" them or anyone else - yet ;)

  92. John Hessler · 708 days ago

    I tried to download it yesterday but the server was unresponsive. I'll try to download it again.

  93. Peter McConnell · 708 days ago

    Firefox for JavaScript debugging, chrome for everything else, including casual browsing. Both seem to encounter memory problems after running for a few hours so neither are perfect. IE have released a pretty solid browser now, though it's simply a case of too little too late.

  94. Duncan Mitchel · 708 days ago

    I usually use Firefox, and occasionally use Chrome. I've never had any serious problems with FF.

    Well, I take that back: a few months ago I had a lot of crashes, often several a day -- but only on my machine, not on the library computers. So on my laptop I used Chrome, and tried out IE for awhile. After a while Mozilla released a version that didn't crash, so I went back to using it. I use a few add-ons and am used to them, so changing browsers would be a problem; but FF works well for me.

  95. The incoming , outgoing call records as well as the times,
    dates and duration of the phone calls are all stored on the internal memory of the cell phone.
    By simply setting up a bedroom phone to night mode,
    it will not call via the night time hours. These directories are constantly updated to keep up with
    the hundreds of millions of cell phone numbers that exist today.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul is a Boston-based reporter and industry analyst with more than a decade of experience covering the IT industry, cyber security and hacking. His work has appeared on threatpost.com, The Boston Globe, salon.com, NPR's Marketplace, Fortune Small Business, as well as industry publications including ZDNet, Computerworld, InfoWorld, eWeek, CIO , CSO and ITWorld.com. Paul got his 15 minutes as an expert guest on The Oprah Show - but that's a long story.