The Mozilla Foundation on 17 April released the web browser Firefox 1.5.0.2 with enhanced security options, as the older version Firefox 1.5 posed critical security troubles for users. Mozilla has strongly advised its users to upgrade their software for protection from the security defects.

 

According to Secunia, a Danish computer security service provider, there are around 21 flaws in Firefox 1.5, causing critical security threats. Firefox 1.5 can allow attackers to take advantage of the security flaws, who can gain control of the computer systems. It can also permit the arbitrary Java script code to get inserted in the web pages.

 

The latest version includes remedies for these security defects. It provides users with improved security options and prevents computer systems from spyware, worms, and viruses.

 

This is believed to be the first time that Firefox and the Mozilla suite are being reported as security defaulters. Firefox 1.5 was once considered a sound Internet browser, but the recent disclosures by the US Computer Emergency Readiness Team (US-CERT) added to the worries of Mozilla users. The US-CERT, that works for the protection of the Internet infrastructure in the US, has advised users to upgrade to the latest versions of all Mozilla software, including the Thunderbird email software and Seamonkey application suite. It said that Firefox 1.5 and other software of Mozilla based on Firefox code are susceptible to security failures. The US-CERT warned that any product based on the older Mozilla components, especially Gecko, the open-source layout engine, could also be affected.

 

The flaws in Firefox 1. 5 were discovered by Mozilla and some other researchers who worked on the TippingPoint-Zero Day Initiative, which is an Internet-based project to discover security and other flaws for software.

 

An anonymous researcher reported to the initiative that Mozilla web browser allows attackers to execute arbitrary code on web pages. Several other flaws have also been reported, which can pose critical security problems. The security flaws in Firefox can allow attackers to fraudulently acquire sensitive information, such as passwords or confidential bank details, by sending an apparent official electronic communication. The vulnerabilities also allow the attackers to conduct cross-scripting and trick users into downloading malevolent files.