According a spokesman for the company, the updates were released late in the day on Sept. 14th. Users should receive automatic updates over the next few days, the spokesman said.
Researchers at Secunia, an Internet security firm, called the flaws “highly critical,” saying that they can be exploited to “conduct man-in-the-middle, spoofing and cross-site scripting attacks.”
Researchers at Secunia also said the security holes could “potentially compromise a user’s system.
According to research firm OneStat.com, Firefox now accounts for about 13 percent of the browser market, making it a more attractive target for hackers, who have traditionally focused their efforts on Microsoft’s Internet Explorer.
In addition to making four critical security patches, developers at Mozilla said they also addressed three “less critical issues.” A spokesman said the updated version of the browser also offers “some stability enhancements.”
In all, the company said it fixed seven total issues with the release of Firefox 1.5.0.7.
In the meantime, the company has named former Microsoft security strategist Window Snyder as its new security chief.
With the unusual title of Chief Security Something, Snyder has pledged to beef up the browser’s defenses by plugging holes and doing away with excess lines of code.
"We want to reduce the overall risk [to Firefox] by evaluating where there are unused features, and then getting rid of that old code,” Snyder said. “We want Firefox to have a tighter code base. Just counting up the bugs is not a good measure of how secure an application is."
