Firefox update no April Fool

Filed Under: Firefox, Malware, Vulnerability

If you've just returned to work after the Easter long weekend, and you're a Firefox user, you might not yet realise that the guys at the Mozilla Foundation recently pushed out their 3.6.3 update, just ten days after releasing 3.6.2.

The 3.6.3 version was released specifically to close a vulnerability demonstrated in the Pwn2Own contest at this year's CanSecWest conference in Vancouver.

This is pretty quick work by the Firefox coders – the Pwn2Own contest started two days after the 3.6.2 Firefox update came out.

So, whilst the company which bankrolls Pwn2Own might subjectively claim to be proud of its competition (which, bluntly put, offers cash in return for zero-day exploits), the Mozilla crew can objectively be proud of knocking this bug on the head swiftly.

PS: the 01 April 2010 datestamp of Firefox 3.6.3 simply means that the release came out on 01 April. It's not an April Fool's joke.

, , , , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog