Jump to content


Firefox Version 50.0.2 Released to Address Critical Zero-Day Vulnerabi


  • Please log in to reply
1 reply to this topic

#1 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 4,004 posts

Posted 30 November 2016 - 07:07 PM

Mozilla sent Firefox Version 50.0.2 to the release channel today to address a critical zero-day vulnerability in the wild.  Firefox ESR was updated to version 45.5.1.  The update includes only the one critical update, Firefox SVG Animation Remote Code Execution.

Additional information about the vulnerability here:  Vulnerability Note VU#791496 - Mozilla Firefox SVG animation nsSMILTimeContainer use-after-free vulnerability.

Note:  As explained in the Pale Moon forum announcement, although significantly diverted from Mozilla development, the question arose as to whether Pale Moon is also vulnerable.  After evaluation, it was reported that it is extremely unlikely that Pale Moon is vulnerable to this exploit.



Posted Image

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

#2 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 4,004 posts

Posted 01 December 2016 - 08:28 PM

View PostCorrine, on 30 November 2016 - 07:07 PM, said:

Note:  As explained in the Pale Moon forum announcement, although significantly diverted from Mozilla development, the question arose as to whether Pale Moon is also vulnerable.  After evaluation, it was reported that it is extremely unlikely that Pale Moon is vulnerable to this exploit.
Twitter message from PaleMoon:

Quote

Despite this, we'll still be releasing a DiD patched update on Dec 2nd that fixes the crash at the root of this.

Posted Image

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users