Mozilla Firefox 24 Updates Security Flaws

Firefox comes installed on many Linux machines, but past performance issues have led many Linux users to switch default browsers. While Google Chrome is a closed-source browser, it remains competitive with Firefox. Chrome is not as customizable as Firefox, but it's fast and integrates updates better than Firefox. The open-source Firefox is much more customizable and has a huge extensions library that appeals to Linux users, but it can be a bit of a resource hog and updating it requires more work. While it has a smaller following, the fairly customizable Opera appeals to Linux users with slow Internet connections.

Last week, Firefox was released for all Linux Ubuntu versions. Other Linux users can download the new release from Mozilla.

Firefox 24 features

Firefox 24's security updates and protection from malware may lure some Linux users back to Mozilla. Ten critical vulnerabilities are addressed in Firefox 24, including memory management errors that leave the system vulnerable to malicious code. The updated browser also features improved debugging, improved page loading and a "close tabs to the right" feature. Security patches will also improve browser performance to hopefully minimize some of the crashing longtime Firefox users have come to know — crashing that can leave the browser vulnerable to hackers.

The latest version also removed support for certificate revocation lists (CRLs), an outmoded form of authorizing SSLs that are not supported by mobile versions of Firefox or Google Chrome. Additionally, Firefox 24 contains a number of improvements for Thunderbird, the free open source email client from Mozilla.

Implications for security

The latest update spells good news for Firefox users: The security patches limit the installation of malware or malicious code. Prior to these patches, a hacker could install malware on a Linux machine, and the malware could then be triggered by nothing more than normal Firefox browsing. High threats allow hackers to gather sensitive data from websites on a user's computer or to inject code into websites that would then be used to harm others' computers.

Mozilla maintains a Security Advisories for Firefox webpage where users can track different bugs by critical, high, moderate or low severity level. Seventeen different security advisories were fixed in Firefox 24.

Linux system requirements

Mozilla imposes the following system requirements for Linux users. Linux distribution platforms may offer other versions of Firefox 24 that come with different system requirements. At minimum, Linux users need the following core element for Firefox 24 to run:

• GTK+ 2.18 or higher
• GLib 2.22 or higher
• Pango 1.14 or higher
• X.Org 1.0 or higher
• libstdc++ 4.3 or higher

For enhanced performance, Mozilla recommends that users also have at least NetworkManager 0.7, DBus 1.0, HAL 0.5.8 and GNOME 2.16 installed.
Source : Noobslab