Much like Google, which updated Chrome yesterday, Mozilla released a new version of Firefox on Tuesday, fixing 40 vulnerabilities in the browser.
The update, Firefox 45, included eight bulletins rated critical and patched a handful of serious use-after-free vulnerabilities and a pair of buffer overflow vulnerabilities.
The lion’s share of the bugs, 14, were in the font-processing library, Graphite 2. Before it was fixed, a malicious Graphite font, coupled with a combination of uninitialized memory errors, out-of-bounds read errors, and out-of-bounds write errors, could’ve led to a exploitable crash if loaded.
The use-after-free bugs existed in the browser’s HTML5 string parser, WebRTC, XML, and SetBody function. All could have led to potentially exploitable crashes, according to advisories published by Mozilla’s security team Tuesday.
Another vulnerability, a heap-based buffer overflow existed in the Network Security Services (NSS) libraries. An attacker could have created a certificate that when parsed by NSS, would’ve prompted the library to crash or execute arbitrary code with the permissions of the user. As a result Mozilla is urging users to not only update to Firefox 45 to solve the issue, but encouraging anyone who’s coordinating projects running NSS 3.21 to upgrade to NSS 3.21.1.
The update also remedies miscellaneous memory safety hazards, memory leaks, and a address bar spoofing issue.
The address bar spoofing issue is interesting because before the update, a user could navigate from one malicious page to another, but once they navigated back to the initial page, the URL bar wouldn’t reflect the reloaded page.
“This could be used to trick users into potentially treating the page as a different and trusted site,” Mozilla warns.
Aside from bug fixes, Mozilla claims the update also discontinues some of the browsers’ lesser-used functionalities. The company has decided to do away with Tab Groups, a feature that let users group tabs together and disable older and “rarely used” Android versions (3.0 to 3.2.6, Honeycomb).