Mozilla on Wednesday patched five vulnerabilities, three of them critical, in older editions of Firefox and in the process extended the support life of Firefox 3.0 by at least one more month. The newest Mozilla browser, Firefox 3.6, already contains the patches.
Firefox 3.5.8 and Firefox 3.0.18 address three critical flaws in the browsers' Gecko rendering engines, the HTML parsers, and their implementations of Web Worker, an enhanced scripting functionality that lets site developers shift JavaScript computations to a background thread to reduce the performance hit on Firefox's user interface.

Hackers able to exploit any of the three critical bugs would be able to inject their own malware onto the machine, Mozilla noted in the accompanying advisories. "Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code," read the advisory dedicated to the browser engine issue.

The link for this article located at Network World is no longer available.