Corrine Administrator, Microsoft MVP, Security Analyst Staff member Joined Feb 22, 2012 Posts 12,254 Location Upstate, NY Aug 6, 2013 #1 Mozilla sent Firefox Version 23.0 to the release channel. The current update includes thirteen security updates of which five are critical, six high, one moderate and one low. Fixed in Firefox 23 MFSA 2013-75 Local Java applets may read contents of local file system MFSA 2013-74 Firefox full and stub installer DLL hijacking MFSA 2013-73 Same-origin bypass with web workers and XMLHttpRequest MFSA 2013-72 Wrong principal used for validating URI for some Javascript components MFSA 2013-71 Further Privilege escalation through Mozilla Updater MFSA 2013-70 Bypass of XrayWrappers using XBL Scopes MFSA 2013-69 CRMF requests allow for code execution and XSS attacks MFSA 2013-68 Document URI misrepresentation and masquerading MFSA 2013-67 Crash during WAV audio file decoding MFSA 2013-66 Buffer overflow in Mozilla Maintenance Service and Mozilla Updater MFSA 2013-65 Buffer underflow when generating CRMF requests MFSA 2013-64 Use after free mutating DOM during SetBody MFSA 2013-63 Miscellaneous memory safety hazards (rv:23.0 / rv:17.0.8) Additional information in my blog post here.
Mozilla sent Firefox Version 23.0 to the release channel. The current update includes thirteen security updates of which five are critical, six high, one moderate and one low. Fixed in Firefox 23 MFSA 2013-75 Local Java applets may read contents of local file system MFSA 2013-74 Firefox full and stub installer DLL hijacking MFSA 2013-73 Same-origin bypass with web workers and XMLHttpRequest MFSA 2013-72 Wrong principal used for validating URI for some Javascript components MFSA 2013-71 Further Privilege escalation through Mozilla Updater MFSA 2013-70 Bypass of XrayWrappers using XBL Scopes MFSA 2013-69 CRMF requests allow for code execution and XSS attacks MFSA 2013-68 Document URI misrepresentation and masquerading MFSA 2013-67 Crash during WAV audio file decoding MFSA 2013-66 Buffer overflow in Mozilla Maintenance Service and Mozilla Updater MFSA 2013-65 Buffer underflow when generating CRMF requests MFSA 2013-64 Use after free mutating DOM during SetBody MFSA 2013-63 Miscellaneous memory safety hazards (rv:23.0 / rv:17.0.8) Additional information in my blog post here.
P Patrick Sysnative Staff Joined Jun 7, 2012 Posts 4,618 Aug 6, 2013 #2 Thanks for the heads up, Corrine! Just updated : )
Corrine Administrator, Microsoft MVP, Security Analyst Staff member Joined Feb 22, 2012 Posts 12,254 Location Upstate, NY Aug 6, 2013 #3 This article explains about the "mixed content blocking" that was included in Version 23.0: Mixed Content Blocking in Firefox Aurora | Mozilla Security Blog
This article explains about the "mixed content blocking" that was included in Version 23.0: Mixed Content Blocking in Firefox Aurora | Mozilla Security Blog
x BlueRobot Administrator Staff member Joined May 7, 2013 Posts 10,265 Location %systemroot% Aug 7, 2013 #4 I've just updated, I don't really like the new Firefox icon though.
Corrine Administrator, Microsoft MVP, Security Analyst Staff member Joined Feb 22, 2012 Posts 12,254 Location Upstate, NY Aug 7, 2013 #5 I agree. The new icon is flat. I don't see the purpose in change for the sake of change or because everyone else is doing it.
I agree. The new icon is flat. I don't see the purpose in change for the sake of change or because everyone else is doing it.
Corrine Administrator, Microsoft MVP, Security Analyst Staff member Joined Feb 22, 2012 Posts 12,254 Location Upstate, NY Aug 17, 2013 #6 Mozilla sent Firefox Version 23.0.1 to the release channel late yesterday. It appears that the released update was to fix the issues shown below and as of last night was only available via the internal updater. What’s New FIXED -- 23.0.1 - Rendering glitches on H.264 video only in FF23 on Vista (901944) FIXED -- 23.0.1 - Spell checking broken with non-ASCII characters in profile path (902532) FIXED -- 23.0.1 - Audio static/"burble"/breakup in Firefox to Firefox WebRTC calls (901527)
Mozilla sent Firefox Version 23.0.1 to the release channel late yesterday. It appears that the released update was to fix the issues shown below and as of last night was only available via the internal updater. What’s New FIXED -- 23.0.1 - Rendering glitches on H.264 video only in FF23 on Vista (901944) FIXED -- 23.0.1 - Spell checking broken with non-ASCII characters in profile path (902532) FIXED -- 23.0.1 - Audio static/"burble"/breakup in Firefox to Firefox WebRTC calls (901527)
x BlueRobot Administrator Staff member Joined May 7, 2013 Posts 10,265 Location %systemroot% Aug 17, 2013 #7 Thanks for the update :thumbsup2: