Mozilla

The Intel Security Advanced Threat Research Team has discovered a critical signature forgery vulnerability in the Mozilla Network Security Services (NSS) crypto library that could allow malicious parties to set up fraudulent sites masquerading as legitimate businesses and other organizations. The Mozilla NSS library, commonly utilized in the Firefox web browser, can also be found in Thunderbird, Seamonkey, and other Mozilla products. Dubbed “BERserk”, this vulnerability allows for attackers to forge RSA signatures, thereby allowing for the bypass of authentication to websites utilizing SSL/TLS. Given that certificates can be forged for any domain, this issue raises serious concerns around integrity and confidentiality as we traverse what we perceive to be secure websites. ...

BetaNews: Mozilla has released Firefox 22.0 FINAL for Windows, Mac and Linux. The update includes some platform-specific improvements — Firefox following display scaling options in Windows, and providing download progress indicators in its dock application icon in OS X — plus a number of other tweaks and improvements. Other new features include the ability for users to now manage their social API plug-ins via the Add-ons menu (select Services in the left-hand menu to do so), while users can now adjust the playback rate of HTML5 audio and video files (right-click the playback screen and choose Play Speed to do so). ...

The H-Online: The latest version of Firefox, version 16, has returned to Mozilla’s servers with the release of Firefox 16.0.1 after the discovery of vulnerabilities caused the organization to remove the just-released open source web browser from circulation. Mozilla’s security blog post described the problem as just that of a malicious web site being able to potentially determine the URLs and parameters used and suggested downgrading to Firefox 15.0.1, despite the numerous critical bugs fixed in Firefox 16. ...

The h-online: Following the recent Firefox 16 release, Mozilla has now detailed all of the security fixes in the new version of its open source web browser as well as in the Thunderbird news and email client. Version 2.13 of the SeaMonkey “all-in-one internet application suite” has also received fixes. In addition to adding new features, version 16.0 of Firefox closes a total of 14 security holes, 11 of which are rated as “Critical” by the project. ...

Cross-copied from BetaNews: Mozilla has quietly placed major new versions of its open-source, cross-platform web browser and email client onto its download servers ahead of an official release. Firefox 15 FINAL benefits largely from behind-the-scenes performance tweaks, while Thunderbird 15 FINAL introduces a few new features, including a new curvy user interface. Firefox 15 FINAL’s most notable changes are performance-based. There’s faster startup on Windows PCs, plus incremental garbage collection and better management of plugins to prevent memory leaks. Other performance improvements surround WebGL enhancements. ...

h-Online: As suggested by some of its developers back in 2010, the Firefox browser will introduce enhanced separation between add-ons and the rest of the browser. With the change, which is planned to take effect with the release of Firefox 17, scripts on web pages will only be able to access the data belonging to add-ons if they are included in a whitelist. ...

h-online: Mozilla has implemented changes to Firefox 14 that address concerns raised by privacy-conscious users over the “new tab” feature in Firefox 13. The Firefox developers have changed the browser’s behavior so that sensitive information should no longer leak via screenshots of web sites. When opening a new tab, Firefox 13 shows users a grid of screenshots of their most visited pages. After this feature was introduced, several users complained to Mozilla and pointed out that the feature also takes screenshots of sensitive web sites such as login pages for online banking sites. ...

Mozilla Firefox: Mozilla has released a new update for Firefox, Mozilla Firefox 14.0.1, This version comes with Google Secure search by default, flat buttons in toolbar and some Performance improvement and security fixes. Read more in Mozilla Blog. Mozilla Thunderbird: Mozilla also updated Thunderbird, Mozilla Thunderbird 14, This version mostly focus on stability, performance and security fixes. I think we cannot expect much more new feature in Thunderbird anymore, Mozilla has announced that they changed the way they develop Thunderbird, Read it yourself in Mozilla Blog. ...

Mozilla Firefox 13 is available for download on Mozilla FTP servers. Visual changes in this version is flatten buttons in toolbar, smooth scroll enabled by default, New Home Screen and a new look for New Tab page. Download: Firefox Setup 13.0.exe [Mirror] MD5: 89bc2ab1a1fa1e2d989d1c551f2a6ddf Size: 15.8MB

The current versions of the Tor Browser Bundle (TBB) include a bug that makes it possible for information about visited web sites to leak out of the anonymising layer. On version 2.2.35-9 of TBB for Windows and version 2.2.35-10 for Mac OS X and Linux, the included version of Firefox does not send DNS requests over the Tor network if the browser is using the WebSocket protocol. This means that an attacker listening in on the connection will be able to identify the servers the user is visiting. ...