Sunday, September 13, 2009

Firefox Security Update to v3.5.3

Mozilla has released a patch that closes several security holes rated "critical." This brings the latest version number to 3.5.3. Details, if you want them, are in the release notes.

If you don't have automatic updates or notifications enabled, do Help → Check for Updates. I have automatic updates enabled at the moment, and having left the machine for a while with Firefox open, I came back to find a message saying the update had been downloaded, and I just need to restart Firefox for it to be installed. Did so, and everything appears fine.

By the way, starting with this version, Firefox will also periodically check to see if the Flash Player plugin installed in your browser is up to date. I can't speak to how well this works at the moment, since I already have the latest version of Flash installed (as do you, if you've been following along), but it sounds like a smart step. Details are available on the Mozilla Security blog.

P. S.  If you're curious, you can always check what version of Flash you have installed in the usual way.

5 comments:

Substance McGravitas said...

You might want to note that Flash has its own cookies.

bjkeefe said...

That's a point worth making, SM, and thanks.

I don't usually get that deep into the geek on this blog, because I am guessing that anyone who cares about such matters is already getting their information elsewhere. I just try to remind people of the most basic computer security things they should be doing -- sort of a "the first 10% of your actions will prevent 90% of the problems" approach -- and it's my impression that saying "Flash sets cookies" sounds way more ominous to the readers I have in mind than it really is.

It'd be a nice thing if Firefox added to its privacy tools a way to clear such cookies easily. Have you posted this suggestion in their Bugzilla database or in their support forums? Seems like it'd be worth the effort.

Substance McGravitas said...

Hm. A good thought.

Arbez said...

What's the deal with Flash cookies? why would you want to delete 'em?

bjkeefe said...

As with any cookies, these potentially offer the creators of Flash apps that you look at with your browser a way to track, say, your Web-surfing behaviors. (Also as with any other cookies, there may be some desirable aspects, too, like saving preferences for a given site.)

Some people find cookies to be an invasion of privacy because of this potential to track usage, visits, etc., so they like to delete them from time to time.

I don't much care about this, but it is irritating to me on principle that Adobe/Flash is breaking the way the user expects the browser to operate -- "delete all cookies" should, you know, delete all cookies set through that browser.

ShareThis