New version of Firefox available. Upgrade to version 1.0.1 to fix security risks.
Firefox Security Update
Firefox version 1.0.1 has been released as a security update. The new version also has improved stability.
This release addresses the following security issues.
- Internationalized Domain Name (IDN) homograph spoofing
- Unsafe /tmp/plugtmp directory exploitable to erase user's files
- Plugins can be used to load privileged content
- Image drag and drop executable spoofing
- HTTP auth prompt tab spoofing
- Download dialog source spoofing
- Download dialog spoofing using Content-Disposition header
- Overwrite arbitrary files downloading .lnk twice
- XSLT can include stylesheets from arbitrary hosts
- Autocomplete data leak
- Memory overwrite in string library
- Install source spoofing with user:pass@host
- Spoofing download and security dialogs with overlapping windows
- Heap overflow possible in UTF8 to Unicode conversion
- SSL "secure site" indicator spoofing
- Window Injection Spoofing
Download Firefox 1.0.1
Get the new version of firefox at: http://www.mozilla.org/products/firefox/