Mozilla followed up its Firefox 9 release earlier this week with an update aimed at swatting a bug causing browsers to crash.
The fix was issued Wednesday with Firefox 9.0.1, and addresses the issue for users across Mac, Windows and Linux, though Mac users were reportedly affected the most. The source of the problem appears ironically to have been a faulty bug fix included in Firefox 9. Mozilla addressed the issue by removing the patch in the update.
The update came roughly 24 hours after the company released Firefox 9 with fixes for several vulnerabilities, including a number of hazardous bugs outlined in four “critical” security advisories.
Among the critical vulnerabilities addressed in Firefox 9 are two that underscore security concerns tied to HTML5, noted Johannes B. Ullrich of the SANS Technology Institute. One is MSFA 2011-58, which deals with a crash caused when scaling an OGG <video> element to extreme sizes. The other is MSFA 2011-55, which addresses a flaw in Mozilla’s SVG implementation that could result in an out-of-bounds memory access if SVG elements were removed during a DOMAttrModified event handler.
“One problem that was pointed out by various people is the fact that the addition of the <video> and <audio> tags requires the inclusion of respective file format parsers in the browser,” he blogged. “These parsers have been known in the past to be the source of various security issues.”
The two other critical advisories tied to Firefox 9 deal with a crash in the YARR regular expression library that could be triggered by JavaScript in Web content and several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of the memory bugs could be exploited to corrupt memory in certain circumstances and possibly to run arbitrary code, according to Mozilla.
In addition to the critical bugs, Mozilla also plugged a security hole classified as “high” risk that could be exploited to trigger a crash for Mac users. Also fixed was a bug that under certain circumstances could be used to enable a malicious Web page to fool a user into interacting with a prompt thinking it came from the browser or mail program. That vulnerability, MSFA 2011-56, was classified as “moderate.”
