Your one-stop web resource providing safety and security information to manufacturers

Mozilla’s Firefox 25 web browser is now available with 10 security fixes along with the latest improvements.

Five of the issues ended up labeled as critical, which means that attackers could exploit them to run code and install software without user interaction being required.

RELATED STORIES
Browser Security Warnings Effective
Security Holes Fixed in Chrome
Mozilla Ships a More Secure Firefox 24
Patched Safari Bug under Attack

The list of critical vulnerabilities includes use-after-free flaws in HTML document templates and when updating offline cache, and a memory corruption bug with the JavaScript engine when using workers with direct proxies.

Miscellaneous memory safety hazards and use-after-free issues found through ASAN fuzzing were also a part of the fix.

Cyber Security

The high-impact security holes include an access violation issue with XSLT and initialized data, and a security bypass of PDF.js via iframes, and a potentially exploitable crash caused when a cycle collected object releases on the wrong thread during image decoding.

Mozilla said users should update their installations to protect themselves against hacker attacks that might leverage these vulnerabilities.

Pin It on Pinterest

Share This