Tech Support Forum banner
Status
Not open for further replies.
1 - 13 of 13 Posts

·
Registered
Joined
·
1,950 Posts
[email protected]

in the About tab of my version of FF it says v2.0 now when i go to C:\Program Files\Mozilla Firefox\ and open the properties to firefox.exe in the version tab is shows:

File Version: 1.8.20061.1023

and then selecting File Version from the "Other version information section in the Version tab i get the following:

File Version: 1.8.1: 2006101023

now with my thinking i'd think the 200610 part would mean 10/2006 liek October 2006. which is the time i updated i think. but i'm not sure.
 

Attachments

·
Registered
Joined
·
329 Posts
Discussion Starter · #5 · (Edited)
It's usually best to upgrade to the latest versions as they become available in my opinion. Whilst the post I made gives the information that 2.0.0.1 is released (which is always nice to know), there's no great imperative to update. It might be best to be patient and wait for update to happen automatically.

EDIT: Sorry norin - I should have answered your question. 2.0.0.1 is an update to version 2.0
 

·
Registered
Joined
·
1,950 Posts
o ok thanks for the clarification, i wasn't sure if the v2.0 included the .0.1 at the end or not lol. but ne ways i'll update now :)

EDIT: i found the reason for the 2.0.0.1 update..

I WOULD UPDATE NOW! to avoid the exploit.

this came from an email i get from Secunia Security Advisories. it explaines why the new update for Firefox and is listed as CRITICAL

TITLE:
Mozilla Firefox Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA23282

VERIFY ADVISORY:
http://secunia.com/advisories/23282/

CRITICAL:
Highly critical

IMPACT:
Cross Site Scripting, Exposure of sensitive information, DoS, System
access

WHERE:
From remote

SOFTWARE:
Mozilla Firefox 1.x
http://secunia.com/product/4227/
Mozilla Firefox 2.0.x
http://secunia.com/product/12434/

DESCRIPTION:
Multiple vulnerabilities have been reported in Mozilla Firefox, which
can be exploited by malicious people to gain knowledge of certain
information, conduct cross-site scripting attacks, and potentially
compromise a user's system.

1)Various errors in the layout engine and JavaScript engine can be
exploited to cause memory corruption and some may potentially allow
execution of arbitrary code.

2) An error when reducing the CPU's floating point precision, which
may happen on Windows when loading a plugin creating a Direct3D
device, may cause the "js_dtoa()" function to not exit and instead
cause a memory corruption.

3) A boundary error when setting the cursor to a Windows bitmap using
the CSS cursor property can be exploited to cause a heap-based buffer
overflow.

4) An unspecified error in the "watch()" JavaScript function can be
exploited to execute arbitrary code.

5) An error in LiveConnect causes an already freed object to be used
and may potentially allow execution of arbitrary code.

6) An error in the handling of the "src" attribute of IMG elements
loaded in a frame can be exploited to change the attribute to a
"javascript:" URI. This allows execution of arbitrary HTML and script
code in a user's browser session.

7) A memory corruption error within the SVG processing may allow
execution of arbitrary code by appending an SVG comment DOM node from
one document into another type of document (e.g. HTML).

8) The "Feed Preview" feature of Firefox 2.0 may leak feed-browsing
habits to websites when retrieving the icons of installed web-based
feed viewers.

9) A Function prototype regression in Firefox 2.0 can be exploited to
execute arbitrary HTML and script code in a user's browser session.

SOLUTION:
Update to version 1.5.0.9 or 2.0.0.1.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits the following:
1) Andrew Miller, David Baron, moz_bug_r_a4, Georgi Guninski, Jesse
Ruderman, Olli Pettay, Igor Bukanov, and Vladimir Vukicevic.
2) Keith Victor
3) Frederik Reiss
4) Shutdown
5) Steven Michaud
6) moz_bug_r_a4
7) An anonymous person via ZDI.
8) Jared Breland
9) moz_bug_r_a4

ORIGINAL ADVISORY:
Mozilla:
http://www.mozilla.org/security/announce/2006/mfsa2006-68.html
http://www.mozilla.org/security/announce/2006/mfsa2006-69.html
http://www.mozilla.org/security/announce/2006/mfsa2006-70.html
http://www.mozilla.org/security/announce/2006/mfsa2006-71.html
http://www.mozilla.org/security/announce/2006/mfsa2006-72.html
http://www.mozilla.org/security/announce/2006/mfsa2006-73.html
http://www.mozilla.org/security/announce/2006/mfsa2006-75.html
http://www.mozilla.org/security/announce/2006/mfsa2006-76.html
 

·
Roaming To Help
Joined
·
5,667 Posts
[email protected]

in the About tab of my version of FF it says v2.0 now when i go to C:\Program Files\Mozilla Firefox\ and open the properties to firefox.exe in the version tab is shows:

File Version: 1.8.20061.1023

and then selecting File Version from the "Other version information section in the Version tab i get the following:

File Version: 1.8.1: 2006101023
Hi norin

For Firefox 2.0

The User Agent is Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0 Mnenhy/0.7.4.666
Build ID: 2006101023
now with my thinking i'd think the 200610 part would mean 10/2006 liek October 2006. which is the time i updated i think. but i'm not sure.
Yes, thats correct in one part. It basically shows the build date/time of the last official release. Now we have the new one. :grin:
 

·
Roaming To Help
Joined
·
5,667 Posts
Thanks, yes. There's also many minor "bug" fixes in there, so if you experienced any they'd be resolved here. Jesse, Brendan, David and Mike were the guys who supported most of these to be incorporated in this update.
 

·
Registered
Joined
·
329 Posts
Discussion Starter · #10 ·
Here's a full list of fixes:

http://forums.mozillazine.org/viewtopic.php?t=494984

Note the top of the list where it says: 'Bugs fixed so far for Firefox 2.0.0.1: ~183 in total; 42 crashers, 3 memory leaks, 41 regressions and 4 privacy-related bugs.'

I always find it strange that so many fixes can be listed ...but for me anyway, the browser seemed to run fine before updating to 2.0.0.1 :smile:
 

·
Roaming To Help
Joined
·
5,667 Posts
Thanks for that martt. Along with it in that link this info is useful for some:

FYI, Flash 9.0.28.0 has been released, which also fixes some crashes!
Also, J2SE(TM) Runtime Environment 5.0 Update 10 has been released, which should also fix some (Java-related) crashes.


Ever since adobe took over flash, there have been too many issues with it which I hope are corrected there for many :grin:
 

·
Registered
Joined
·
1,950 Posts
thanks 2 Kalim for the flash and JRE update info too. much helpful :)

EDIT: also along with this mozilla firefox update and exploits for the v2.0 of the firefox build there are updates for mozilla thunderbird and mozilla seamonkey too. it is reccomended to update those versions to the latest release. visit the respected website for the software to view upgrades.
 

·
Roaming To Help
Joined
·
5,667 Posts
You're welcome norin.

There isn't an official section I could find here for software or MUA's so I've added it here fro any who are interested.

If your a user of Thunderbird with the previous version 1.5.0.8 being the latest before today formally, then a new version has been released and is available by update: Thunderbird v1.5.0.9

Here's where to download it from and see all of the complementary release notes:
http://www.mozilla.com/en-US/thunderbird/releases/1.5.0.9.html

NOTE: As per Mozillazine common knowledge and advice by the mods; In any update, it is advised and better to download the full package, remove the old installation from your computer, wipe its installation folder in the directory and then reinstall again.. AFTER making a backup of your profile before doing so.


If an update is required the usual way, then "Check for Updates" will bring you this release.

Thanks.
 
1 - 13 of 13 Posts
Status
Not open for further replies.
Top