[335] in Security FYI
[IS&T Security-FYI] Mozilla Upgrades for Browser Vulnerabilities
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Thu Dec 21 09:02:19 2006
Mime-Version: 1.0 (Apple Message framework v752.3)
Message-Id: <7B8DD701-73F2-4892-9BB1-E2F6EABF7118@mit.edu>
To: ist-security-fyi@MIT.EDU
From: Monique Yeaton <myeaton@MIT.EDU>
Date: Thu, 21 Dec 2006 08:59:25 -0500
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: ist-security-fyi-bounces@MIT.EDU
---------------------
This notice is being sent in response to Technical Cyber Security
Alert TA06-354A, December 20, 2006
Mozilla has released new versions of Firefox, Thunderbird, and
SeaMonkey to address several vulnerabilities. Upgrades Mozilla
Firefox 1.5.0.9, Mozilla Firefox 2.0.0.1, Mozilla Thunderbird
1.5.0.9, and SeaMonkey 1.0.7 address these vulnerabilities. All three
browsers automatically check for updates by default.
According to September 2006 statistics, 45% of certificates at MIT
were obtained using Firefox/Mozilla browsers. If you are using any of
these browsers, we advise to upgrade now.
Firefox 1.5.0.9
<http://www.mozilla.com/en-US/firefox/releases/1.5.0.9.html>
Firefox 2.0.0.1
<http://www.mozilla.com/en-US/firefox/>
Thunderbird 1.5.0.9
<http://www.mozilla.com/en-US/thunderbird/releases/1.5.0.9.html>
SeaMonkey 1.0.7
<http://www.mozilla.org/projects/seamonkey/>
The vulnerabilities found could allow a remote attacker to execute
arbitrary code that could possibly affect the application. It could
also allow impersonation of a seemingly secure site and cause a
denial-of-service (DoS), making a Web page unavailable to its
intended users.
According to Mozilla, Firefox 1.5.0.x will be maintained with
security and stability updates until April 24, 2007. All users are
strongly encouraged to upgrade to Firefox 2 <http://www.mozilla.com/
en-US/firefox/>.
-----
The most recent version of this CERT advisory can be found at:
<http://www.us-cert.gov/cas/techalerts/TA06-354A.html>
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
N42-040, tel: (617) 253-2715
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
