First Update to Firefox 3 Fixes Several Flaws

The first update to Firefox 3, coming approximately a month after its well received public release, addresses three critical security flaws as well as some other minor issues.

The first vulnerability exists in Mozilla's internal CSSValue array data structure and could be exploited to run arbitrary code on a victim's computer. The issue was first discovered a few weeks ago but details were kept top secret until a fix was made available. The second security snafu deals with the way Firefox behaves when passed a specially crafted command-line URI from an external application. If exploited correctly, an attacker would gain the ability to run arbitrary code with special chrome privileges. The third and final security flaw fixed in Firefox 3.0.1 only affects Mac OS X and involves how the browser handles GIF rendering. This one can also result in unwanted code execution.

Aside from the aforementioned security updates, Firefox 3.0.1 also fixes a number of stability issues. Users should download and install this update immediately. Firefox 2.0.0.16 was also released for security purposes. If you are still running Firefox 2, it is highly recommended that you download this latest version right away.