Firefox 20 was just released yesterday, marking also the 15th anniversary. 3 critical, 11 total security fixes are in Ff 20. Also, new private browsing updates were made as well as the ability to close hanging plugins without the browser hanging.
Mozilla detailed the security fixes, which includes the critical and high risk categories:
- CRITICAL: MFSA 2013-30 Miscellaneous memory safety hazards (rv:20.0 / rv:17.0.5)
- CRITICAL: MFSA 2013-35 WebGL crash with Mesa graphics driver on Linux
- CRITICAL: MFSA 2013-36 Bypass of SOW protections allows cloning of protected nodes
- HIGH: MFSA 2013-31 Out-of-bounds write in Cairo library
- HIGH: MFSA 2013-32 Privilege escalation through Mozilla Maintenance Service
- HIGH: MFSA 2013-34 Privilege escalation through Mozilla Updater
- HIGH: MFSA 2013-38 Cross-site scripting (XSS) using timed history navigations
Other than all that, there were more performance tweaks, as usual, as well as much improved HTML5 tools.
Mozilla is planning to fixes in Ff 21: known HTML5 video bug on being able to use copy actions, browsing and download history pairing, and function keys that don’t work when pressed. Other info on updates and issues, look here.
In Firefox, if you’re not automatically prompted to update, then do so as soon as possible by clicking the Firefox tab at the top left corner of the browser, hovering over Help >, click on About Firefox. You may also have to click Check for updates in the window that pops up. You should be patched.
Once you install Firefox, it will ask to restart your browser. Please allow it to do so, in order for it to finish updating and get you secure and well on your way in the dangers of the Internet.
Feel free to comment at any time.