Firefox Updated to 1.0.4

Exstatica writes "Firefox has been updated to 1.0.4 and they have fixed a few critical security holes, all javascript vulnerabilities. The Mozilla Foundation announced these vulnerabilities May 7th. 'There are currently no known active exploits of these vulnerabilities although a proof of concept has been reported." You don't have to upgrade, but it's recommended.'" We've reported on these vulnerabilities previously.

Update process...

[sznupi]

yes, I know the arguments behind it...but it would be relly nice if update didn't involve simply downloading installer (on mine 128kbps it's so so...and on slower?)

Quick and serious on security

[xiando]

These issues were announced on Monday, and now a security release is available. This shows how professional the Mozilla Foundation has become and how serious they take security issues. Good work! Security problems will inevitably appear from time to time in all kinds of software, how these issues are handled is to me just as important as the software itself. Good job!

Already upgraded

[Walkiry]

Posting from 1.0.4 right now. Funny thing, after I upgraded and restarted the browser, I still had the "updates available" little red arrow on the top right corner of the browser. After checking for upgrades (and finding none), it's disappeared. Bug? Leftover registry entry or config file from 1.0.3?

Re:Already upgraded

[hotdiggitydawg]

I noticed the same thing in 1.0.2 and 1.0.3 too.

Re:Already upgraded

[A beautiful mind]

Not related to your syxtem, but if someone is on linux and using debian for example, they disable the update functionality for the browser for the browser itself and allow it for the extensions only. This is to ensure that firefox gets updated by the package manager, in the example's case: apt-get.

It has reportedly sometimes the bad effect that the red update arrow stays red forever.

Impressive

[PenguinBoyDave]

While I don't care for the update process, I am exceedingly impressed that Mozilla makes fixes so quickly, and doesn't try to hide them (like another browser company has done in the past). Professionalism...very nice to see this from Mozilla. Kudos!

exe crashes explorer when viewed accross SMB share

[Anonymous Coward]

I copy the exe installer into a folder on a windows share, explorer crashes when I access the folder from certain clients. Same happened with 1.0.2 but not with 1.0.3

I wildly guess it's a race condition or something arising from reading the embedded icon resourse as that doesn't show? No I don't really have a clue what causes it.

All machines are fully patched W2K, thank buddha for memory sticks!

c'mon! Let's break some FF extensions!

[denis-The-menace]

Why can't we have extensions that don't die just because they changed the release number?

Extension authors can't keep up.
Mozilla Update is slow to update itself.
and Users like me are left looking to google for help.
Silly me thought Mozilla Update there to centralized things.

Re:Many Eyes ?

[rah1420]

I kick myself in advance for replying to an AC, but what do you define as "quite a few?" More than IE? How about resolution -- faster than IE?

This sounds suspiciously like flamebait.

Re:Great

[Anonymous Coward]

Bullshit. Microsoft fixes a lot of problems quickly but the monthly release schedule that they have moved to means that you'll only get those patches every four weeks unless it's critical.

Good, but I wish there was remote updating

[Anonymous Coward]

As a system admin for our company, every new Firefox release means that I will have to go around to 150 workstations and manually reinstall the browser again to keep it up to date. I wish there was some sort of way to remotely update the browser on all machines or a way to patch vulnerabilities without a full reinstall.

Re:Update process...

[cyways]

How about just including an Update entry somewhere in the menus? As far as I can tell, there's no menu item or icon that automatically takes you to an update site or checks to see if an update is available. My 1.0.3 version running on Windows didn't display the update icon this morning, so I eventually clicked on the circle icon to go to the Firefox home page. Guess what? No mention of an update there, or any link to the downloads page either.

Middle click new tab on Mac

[Feng]

Does middle clicking on a link open a new tab for OS X yet? The last I heard you had to patch FF to enable this feature. Middle clicking works fine on Safari, it's one feature I really miss when using FF on OS X.

Amazingly fast response

[jbarr]

My wife pointed out an article on Google News (that I had already seen earlier) showing that Firefox had some security vulnerabilities. She winced because I had just converter her to Firefox. I told her not to worry. I said, "Mark my words, there will be a security fix within a week." Well, today the fix was released and she was impressed. Not only has the Firefox development team improved the product, but they have made my wife happy! Life is good!

Re:One of the reasons i use Firefox.

[3terrabyte]

True. True.
I switched to Firefox because I was sick of using IE. Ever since I've switched, AdAware has found ZERO spyware/malware incidents!

To IE's meager defense, I'm sure there might have been a setting somewhere that might have tightened up the holes, but switching to Firefox has been easier. Plus, I'm addicted to the tabbed browing.

Re:Update process...

[88NoSoup4U88]

So can you tell me what the argument(s) behind it are ?

I find it very strange that the people I have converted (mostly not too tech-savvy) to using Firefox, still have to make re-installs themselves.

Firefox speed.....

[SammysIsland]

Back in the day when I first downloaded FireFox, one of my favorite parts of using it was how fast it would load up the first window when opened. It was almost instantaneous.

The more I use it, the longer this actions takes. It doesn't matter if I clear cache and cookies, un-install plugins, or just plain uninstall and reinstall the browser.

Is it simply the newer versions that cause it to load so slowly? My roommate has the same problem. Is anyone else experiencing this and is there an answer?

Responses greatly appreciated. Thanks.

Re:IE still #1 a-ok

[Anonymous Coward]

> With my hardware firewall, and ActiveX disabled I am not afraid to use IE.

That's what I thought, too, until about a year ago.

I caught a trojan on my "good" box - the one I use for online banking. Firewalled behind a hardware NAT router with SPI and with the XP firewall added in for good measure. No pr0n- or warez-sites visits. No e-Mail. All patched up according to Windows Update. I'm the only one who had access to that system. No warezed stuff installed. Antivirus and SSD active and updated.

That was scary.

I stopped using IE right there and then.

Re:Yes, but ...

[tyler_larson]

... as soon as the first proof of concept evolves into a worm...

Point taken, but let's bear in mind that this POC can't evolve into a worm. It can't even evolve into an exploit now that the only site on the default whitelist no longer exists.

That's why they didn't put out a stop-gap fix release at the beginning of the week--the threat had passed completely.

Firefox developers got lucky this time--they could remove the threat with a simple server-side modification. With most vulnerabilities of this severity, that's not an option.

Re:IE still #1 a-ok

[WARM3CH]

Well, generally I agree with you. However, when it comes to correctly rendering UTF-8 pages, specially with Arabic characters, firefox has some very well known bugs that have not been fixed now for ages. The most annyoing one is a bug in rendering arabic decimal number: It shows all numbers like 1.4 as 4.1! Of course, IE renders such pages perfectly.

Update conflicting with my firewall?

[uther28]

I have norton internet security installed on my computer and when I installed the new update for firefox I can no longer access the internet with firefox (using IE right now, something which I would like to stop as soon as possible). When I disable norton's firewall firefox works. Anyone have this problem as well and maybe know how to fix it?

Nightly build....

[Anonymous Coward]

As far as I could tell Mozilla had a fix before the exploits where made public. I downloaded the nightly trunk version of FF a couple of days before the exploits went public and found that the issue was allready resolved =)

Re:Doing the .exe shuffle

[suwain_2]

The real question is... Why has your administrator disabled firefox?

Re:IE still #1 a-ok

[masklinn]

renders sites better than Firefox

I *really* hope you were joking when you wrote that down, because it's one of the most beautiful pieces of bullshit i've read today...
Please do pay a visit to the CSS Zen Garden [csszengarden.com] and compare IE renderings to FF renderings.
the Special Effects Designs [mezzoblue.com] are the most interresting ones in terms of IE sucking badly, BTW...

Re:Yes, but ...

[Anonymous Coward]

You say the interface is "less friendly than IE", but what you really mean is: "I'm used to IE, and it's not identical to IE." I use FF exclusively on my computer, but on some computers sometimes, I have to use IE, and /I/ find the IE interface "less friendly than" FF, because I'm used to FF. It's all personal preference, neither is really better.