Mozilla re-patches Firefox 3.6 to fix plug-in problem

By Gregg Keizer

It is the second time in two months that Mozilla on Friday hastily set out a repair for Firefox to patch a problem with a browser update released just days before.

Mozilla launched Firefox 3.6.8 on Friday to fix a single security problem and deal with “a stability problem that affected some pages with embedded plug-ins.” called by Mike Beltzner, the director of Firefox.

The company had released Firefox 3.6.7 two days earlier .

According to an advisory delivered on Friday, Mozilla patched one key security bug in the newest update. The warning read, “In certain circumstances, properties in the plug-in instance’s parameter array could be freed prematurely, leaving a dangling pointer that the plug-in could execute, potentially calling into attacker-controlled memory.”

The bug surfaced in one of the 16 patches that Mozilla applied to Firefox earlier in the week.

Any detail information about that vulnerability, and the stability problem that Beltzner mentioned, was not available to the public until Saturday.

However, a large number of reports had been filed by several Firefox users to browser’s support forum of problems with Adobe’s Flash Player plug-in after updating to Firefox 3.6.7.

A user identified only as “Steve” said, “I updated Firefox from 3.6.2 to 3.6.7 and I REGRET IT!” which was posted in a support forum message on Friday morning. “I can’t watch YouTube. Every time the video is about to start Firefox freezes and I can’t do nothing besides going into Task Manager and killing it from there. THIS SUCKS!”

Repairing for Firefox to patch a problem was the second time in two months for Mozilla. Mozilla released the update because users who played Farmville complained that their browser was shutting down the Facebook game, just three days after it had updated Firefox to version 3.6.4 in late June. The company said that a new “out of process plug-ins” feature which was designed to keep the browser working when a plug-in broke down was kicking in too quickly.

Last Tuesday, the company upgraded the older Firefox 3.5 browser to version 3.5.11. However, the older vision is not affected by the security bug or the plug-in stability problem.

In order to update to Firefox 3.6.8, users can either download the new edition or select “Check for Updates” from the Help menu in the browser.

Did you like this? Share it: