Firefox 3.5.2 released to fix critical security problem

Filed Under: Firefox, Vulnerability

Mozilla, the makers of the Firefox web browser, has issued an important update that fixes a number of security issues - including the problem of how hackers could spoof SSL certificates by inserting null characters into certificates, exposed at the BlackHat conference last week.

In a blog post, Mozilla said that they "strongly recommend that all Firefox users upgrade to this latest release".

Fortunately Firefox includes automatic updating technology, so users should receive a notification of the update's availability within 24 or 48 hours. If you wish to install the update manually, you can just choose "Check for Updates" from Firefox's Help menu.

Of course, in a corporate environment you may choose to roll out the update at your own timescale. But make sure you do continue to keep up-to-date, whichever browser you are choosing to run on your company's computers.

Which brings me to a timely reminder. If you're still using the legacy 3.0 version of Firefox, it really is time to upgrade to version 3.5.

, ,

You might like

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley