Firefox gets security fix

Mozilla on Wednesday released an update to its popular Firefox web browser that fixes a dozen vulnerabilities, seven of which it deems "critical".

The most serious of the flaws could be exploited by cyber attackers to commandeer a vulnerable PC, according to Mozilla. The company, which oversees Firefox development, has published security advisories for each of the flaws repaired by the Firefox update.

The flaws are fixed in Firefox 1.5.0.5, which Mozilla has started pushing out to Firefox users via the update feature in the open source web browser. In addition to the security fixes, the browser update includes stability improvements, as well as changes for the Frisian version for some users in the Netherlands, Mozilla said.

Mozilla said on its website: "Firefox 1.5.0.5 is a security update that is part of our ongoing programme to provide a safe internet experience for our customers. We recommend that all users upgrade to this latest version."

Security monitoring company Secunia rates the update as "highly critical", one notch below its most serious ranking.

Mozilla also released updates for its SeaMonkey suite of applications to address security issues that apply to those programs.

While some of the security flaws may affect the earlier 1.0 versions of Firefox, Mozilla is not providing updates for those releases. Its version 1.0.8 was the last refresh for the 1.0.x line of Firefox. All users are advised to upgrade to the 1.5.0.5 version. The 1.0.8 version came out in April.

Developers are working on Firefox 2, the next major version of the web browser. Mozilla earlier this month shipped the first beta of the new browser, which includes such features as a phishing shield to protect against information thieving online.

Microsoft, meanwhile, is putting the final touches on Internet Explorer 7, a reinforced version of its web browser. Designed, in part, in response to competition from Firefox, IE 7 is due out in the fourth quarter of this year.

Joris Evers writes for CNET News.com