Mozilla has patched Firefox 4 for the first time, fixing eight flaws, including a major programming oversight that left the browser as vulnerable to attack on Windows 7 as on Windows XP. The company also plugged 15 holes in the still-supported Firefox 3.6, and issued its last security update for Firefox 3. Mozilla patched a total of 20 bugs in all versions of Firefox, 17 of them rated critical.
"The WebGLES libraries could potentially be used to bypass a security feature of rhttp://www.blogger.com/img/blank.gifecent Windows versions," Mozilla acknowledged. "WebGL was introduced in Firefox 4; older versions are not affected by these issues."
"This is the last planned security and stability release for Firefox 3.5," said Christian Legnitto, who overseas Firefox releases. "All users are encouraged to upgrade to Firefox 4."