Mozilla has fixed 13 security flaws in the latest stable release of Firefox web browser, Mozilla Firefox 38, including 5 critical flaws, 5 high-risk bugs and 2 moderately rated vulnerabilities in Firefox 38.
List of important fixes included:
- Out-of-bounds read and write vulnerability in the JavaScript subset “asm.js” during the validation procedure, whose exploitation could lead an attacker to read parts of the memory that may contain users sensitive data.
- Buffer overflow in the way the browser parses compressed XML.
- Includes a feature that enables the use of DRM-enabled (Digital Rights Management-enabled) video content in Firefox.
- Includes integration with Adobe Content Decryption Module (CDM), allowing users to play DRM-wrapped content in HTML5 video tag.
- The designed sandbox that encompasses CDM, restricting interaction with sensitive parts of the system and the browser.
- Also offering a version of Firefox 38 that doesn’t include CDM component from the browser.
Resource:
Security Advisories for Firefox
DRM and the Challenge of Serving Users
Alex Lim
Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook
