back to article Firefox update fixes four critical flaws

Users of Firefox need to update their browser software again following the publication of patches by Mozilla on Wednesday. Both supported versions of Firefox need patching but the 2.x version of the popular open source browser is most in need of a retool. Firefox addresses 11 security vulnerabilities, six of which are …


This topic is closed for new posts.
  1. Anonymous Coward
    Jobs Halo

    I thought it was safer and secure and all that?

    11 in one go?! That beats its previous record of 10 in one go!

    Terrible track record. Hundreds of gaping holes since it launched just a few years ago unlike, say, Safari. By the time it's been around as long as IE, imagine what the figure will be!

    Netscape used to be the bane of the Web. Now it's IE but IE is changing. I think in another 5 years Firefox will be the runt of the litter because it'll be bloated and slower than the rest.

  2. Florence

    Thanks for the reminder

    About Firefox 2 only being supported for another month. I have no intention of upgrading to Firefox 3 until they fix the address bar. Well when I say fix, I mean give me an option to get the old behaviour back.

    Typing this from Opera, which I need to get used to again, and even though they made the same mistake with 9.50, at least they have listened and brought back an option to have a more standard address bar. Now if only there could be a decent flashblock and right-click "block images from this server" option...

  3. James

    Change is good.

    Florence, you should try change. Change is good. Are you still using Windows 98 too?

  4. Chronos


    Well said. Firefox 3's "AwesomeBar", well, isn't for a lot of people. I know it's easy to disable (OK, cripple by setting its results enumeration to 0) but it's much easier for me to simply stick with what works. Besides, on my chosen platform, the system-wide plugin location is set to a non-standard prefix and it takes much piddling about with symlinks to get them working properly. The first version of Fx3 also somehow broke /home over NFS, which made it completely unusable. Fx2, OTOH, performs perfectly on make install.

    @James: Change for change's sake is not good. That's not to say if you like Fx3 and its new UI, you're somehow odd; if it works for you, fine, but don't force your tastes on the rest of us and ridicule us when we make an informed, reasoned and conscious choice. That's what religions do and I think we're all very aware of where that leads. The capitalists love that mindset, of course. Unthinkingly grabbing the latest of everything makes you an ideal consumer.

  5. Anonymous Coward


    Except the awsome bar isn't change for change sake. It's called <em>development</em> (I don't care if tags work or not!) or <em>progress</em>. I've read a few people dismiss it - like the office ribbon - but once you've used it for a little while and understood <em>how</em> to use it (it really isn't that difficult), I'm sure you'll find it awsome! As for the last part; a little bit over zeolous there don't you think?! It's only software! Free for that matter too (I can asure you capitalists DON'T love THAT mindset!) and there are other free alternatives - the beauty of open source! You could always use the browser that came free with whatever version of Windows you use. (If it's 3.1, you're out of luck! By the way Microsoft are going to stop supporting that version soon!)

    and @Florence: I bet you both hated the change to the UI in Vista and Office too.

  6. David Nash

    Address bar

    What's wrong with it?

  7. David

    And the server goes down!!

    Tried to do the update just now and got 'verification of incremental update failed, downloading complete package.. Left it 10 mins.. still going...

    The took a look at the firefox web site and clicked on the download 3.0.4 link - Server down for maintenence, please use mirror.

    Is this a hack trying to get me to install some malicious software or genuine?

    David Barnes

  8. Anonymous Coward
    Anonymous Coward

    Re: Change is good?

    @ James

    Presumably you are running Vista then?

  9. pieslapper


    "Change for change's sake is not good."

    That's what I kept saying.....but Obama got elected anyway.

  10. Anonymous Coward
    Thumb Up


    "don't force your tastes on the rest of us and ridicule us when we make an informed, reasoned and conscious choice. That's what religions do and I think we're all very aware of where that leads."

    Ah ... can't think of any religions which "ridicule" others for making an informed, reasoned and conspicuous choice. Care to share an example? Or phrase what you're trying to say more meaningfully?

    What has capitalism to do with an open source, free to use browser? Nothing? Ah.

    Great points there.

  11. Robert Moore


    I hated the "new and improved" address bar myself when it first came out.

    It took a couple of days to get used to it, but now the old style looks crippled.

  12. Roy Stilling


    The "oldbar" extension is your friend, and mine.

    The only reason I keep FF2 hanging around alongside FF3 (dead easy on a Mac, just rename the .app file) is that there are a few sites where Flash video simply doesn't work in FF3 - and does in FF2. Comedy Central is one.

  13. Jess


    Change is good? XP > vista? 2000 > XP I think not.

    I shall be sticking to FF 2 until it becomes unsupported and new exploits appear for it, then I shall move over to Opera. (That is unless they decide to start supporting Panther, or someone gives me a legal copy of Tiger.)

  14. Anonymous Coward
    Anonymous Coward

    @ Top AC

    Oh god what. If this isn't a troll, you need to get off the internet.

  15. Florence
    Thumb Down

    Change CAN be good

    But it's not that good when it breaks stuff that works.

    Next you'll be telling I really really need to upgrade XP to Vista too and buy a new computer?

    Organisation can be good too. As in address bar for URLs, bookmarks for bookmarks, history to search your browser history.

    I've been using Firefox since back in the days when it was still called Phoenix (switched from Opera as i needed SOCKS support). It's obviously improved tremendously since those days, but this particular change is just making the browser unusable for me.

  16. Chris

    Restoring Firefox 2 address bar behaviour

    There's an extension for Firefox 3, called "Oldbar". Installing it gives you the behaviour from Firefox 2, and is a much more satisfactory tweak than disabling the enumeration of suggestions suggested in other posts.

  17. Bruno Girin
    Thumb Up


    @AC: how many security bugs they solve is no indication of how secure or insecure the software is. All software more complicated than "hello, world" has bugs. The important metric is whether they actually resolve the bugs and how long it takes them to do so. I'd rather have software with 100 defects resolved within a few weeks of being reported than software with 10 defects resolved within 6 months of being reported.

    @Florence: have you actually files a bug or request for improvement on bugzilla for this? One reason I use Firefox is that they are usually very responsive in addressing defects and the bugzilla system keeps you updated of the progress. Some people (like me) actually like the new address bar but I can understand why some people wouldn't. An option to chose what behaviour you want to use would be great.

  18. Nic Brough


    I like the new bar. Took a bit of getting used to, and I hated it at first, but I've come to like it.

    But I know people don't like it, so I'm completely on your side in arguing for the ability to disable it completely. about:config and setting browser.urlbar.maxRichResults to zero is NOT the way they should have done it - it should be in the options.

    I've also had a go at Minesweeper. I hope that goes live soon, it's much better than FF 3.0

  19. Sim
    Thumb Down

    ff3 address bar

    I have previously installed ff3 and then uninstalled it because of the the address bar behaviour .

  20. Kenneth Chan

    I'm still on NT

    Sorry, but Firefox 3 will not run on my poor NT box.

  21. Anonymous Coward

    Re: Trolls and messiahs

    By Anonymous Coward:

    "If this isn't a troll, you need to get off the internet."

    You only need to get off the Internet if you're using Firefox. Until you've shored it up with patches of course. Then it'll be absolutely bullet proof like folk have said all along.

    By Bruno Girin:

    "how many security bugs they solve is no indication of how secure or insecure the software is."

    Only the true Messiah denies His divinity!

  22. This post has been deleted by its author

  23. Kevin


    completely agree about the awful bar

    Unfortunately I couldn't locate the installer for FF2 and spent 40 minutes locating the settings and extensions to disable 90% of the damn thing.

    @Mark Legosz

    your comparison is a little off it would be like giving your grandmother an iPhone when she only wants a basic phone that makes a phone call with minimal effort. Not having to press extra butons.

    Some people just want something that works without the un-needed bulk and shininess while others find it appealing.

  24. Bill Smith

    Please don't feed the troll!

    Gotta love how the very first poster had to complain about something unrelated to the article, and then most of the rest of the comments were responding to that.

    Of course, I don't have anything to say about the security patches either!

    P.S. When they first introduced the new toolbar in the 3.0 Beta it sucked, but ever since 3.0.0 or 3.0.1 it's worked great and I now prefer it.

  25. Anonymous Coward


    Address-bar Liberation Front

    Join now!

  26. Anonymous Coward
    Thumb Down

    Two good reasons for dumping Firefox

    Firstly as a Win98 user, come the "great switch off" for corrections of existing faults in the software, I am left out in the cold.

    Secondly, the great Firefox intention to out-Phorm Phorm with FF3. Even if they have decided not to collect user web site visit data from Firefox 3 users, that they ever thought of it was enough to make me start thinking about alternatives.

    I had believed the FOSS people were proof against Bill Gate's "Constant Upgrade" business model. I think that we can now see it is just spun differently by the PR (Perpetual Rumour) teams. The effects appear to be the same.

  27. Jacob Reid
    Thumb Down

    The dat the stop updating 2.x is the day I stop using Firefox

    At least until they give an option to disable Ff3's bloody awful address bar.

  28. Anonymous Coward
    Paris Hilton

    Here we go again

    I'm sick of all these updates and seriously considering going back to Internet Explorer.

  29. Chris Ovenden

    Are you people quite mad?

    ... you can use the FF3 Address Bar the same way as you always did, by typing in the first part of the address you want to go to until enough has been typed to narrow it down so that the URL you want is showing in the dropdown, then pick it from the list. As you're typing, other URLs may be shown in the list but they're likely to be related to the one you're typing. Even if they're not, plough on and your result will soon appear. What's the problem?

    In addition, the address bar will help you find addresses where the part of the URL you can remember is not at the beginning, or where you can only remember part of the page title, but you don't have to worry your little heads about this.

    You people probably don't like predictive texting either, do you? What a reason to abandon a browser: "They added extra functionality! Waaaah!"

  30. Anonymous Coward

    You prat!

    "I'm sick of all these updates and seriously considering going back to Internet Explorer"

    1) would you rather security problems weren't addressed?

    2) there are updates to IE pretty much every patch Tuesday

    If you're going back to IE may I recommend IE 3.0 which is no longer supported, so you'll be safe from those nasty security patches.

This topic is closed for new posts.

Other stories you might like