Firefox 16 Re-released After Fix of Flaw

One day after suddenly pulling the latest version of it's popular web browser off of their website, Mozilla has re-released Firefox 16 for download. Mozilla pulled the latest version of Firefox from their install page as a result of a discovered security flaw. The security flaw apparently allowed harmful and malicious websites to track and identify which websites the user had visited. This flaw was discovered by security researcher Gareth Heyes, who then publicly disclosed the vulnerability.

While Mozilla has stated that there is no evidence of this flaw "in the wild", Mozilla on Wednesday recommended that users who upgraded to version 16 downgrade back to 15.0.1. By noon Thursday however a new version, 16.0.1, was available for download, and according to Mozilla is now safe to download and use. Anyone that had already downloaded version 16 was upgraded to this newer version, along with an update for the Android version, released Wednesday night.

The good news for Mozilla is that this security flaw appears to be minor, and was one that they were able to quickly fix. Their browser Firefox, an open-source, free web browser, has enjoyed continued growth and success since it's release in November of 2004, and now holds 22% of the global browser market share. With the continued competition from poplar web browsers such as Internet Explorer and Google Chrome, Mozilla has to ensure that their browser is safe and secure for users. It remains to be seen if any more security flaws will be discovered with the updated version, but for now it appears to be working well for Firefox.



Source: CNET - Mozilla rereleases Firefox 16 after fixing critical flaw

Microsoft Issues Fix It Patch for Internet Explorer Vulnerability

Microsoft has just released what it is calling "Fix It" software that was designed to protect Windows users from a critical hole in Internet Explorer that was being exploited by hackers. While this is all well and good, it isn't the big fix that everybody has been waiting for. Instead, this is merely a temporary fix until Microsoft releases a cumulative update for Internet Explorer.

According to Trustworthy Computer Director for Microsoft Yunsun Wee, the Fix It tool "is an easy, one-click solution that will help protect your computer right away. It will not affect your ability to browse the web, and it does not require a reboot of your computer. This will not only reinforce the issue that the Fix It addressed, but cover other issues as well, including four other critical remote code execution issues."

This isn't some minor hole, however. In fact, the vulnerability is so severe that the German government and security experts have been advising people to avoid using Internet Explorer altogether until the vulnerability is patched entirely, which won't happen until the larger update is released. That update, which has a severity rating of Critical, should come out any day now, meaning users won't have long to wait until they can get back to viewing the internet in peace.

This vulnerability, more specifically, was uncovered within the past week and could very well compromise the PCs of every single Internet Explorer user who visits a malicious site. The flaw itself is being actively exploited to deliver a back-door Trojan known as Poison Ivy. My recommendation is that you download the patch as soon as it is available so as to not risk any critical harm befalling your PC.

Source: CNET - Microsoft issues fix for IE hole; full update coming Friday