Mozilla Releases Firefox Updates, Retires Firefox 1.5.0.x

Mozilla Foundation released updates for Firefox that fix five vulnerabilities present in both the 2.0.0.x and 1.5.0.x versions of the browser. One vulnerability could lead to browser crashes, and Mozilla considers that vulnerability to be critically dangerous. Another vulnerability rated as highly dangerous could let intruders inject scripts from one site into another site. Such cross-site scripting violates the browser's same-origin policy. The other three vulnerabilities are rated as low risks and involve problems with cookie path abuse, Denial of Service (DoS) by using the browser's autocomplete feature for form input, and spoofing content by exploiting pop-up features.

The new versions, Firefox and Firefox correct the vulnerabilities. A spokesperson for Mozilla said, "We anticipate this to be the last release in the Firefox 1.5.0.x series." So unless a serious problem is discovered in the 1.5.0.x series, there won't be any further updates made available. The foundation provides support for legacy versions for six months after a major version release becomes available. Support for 1.5.0.x had already been extended beyond the six month window "to accommodate some recent changes in update functionality."

"Over the coming weeks, Mozilla will be presenting users with a notification message that will offer users a 'major update' to Firefox 2. Upon confirmation \[by the user, the\] browser will be upgraded from to," the spokesperson said.

Firefox also fixes several problems that occur when the browser is used on Windows Vista

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.