14 DAY TRIAL // Mozilla rushed out a new minor revision for their web browser, Firefox, bringing the build number to 16.0.2. The reason for this version bump is a critical security flaw relating to “Location” object.
The details are pretty technical for this one, but as a result of this fix Mozilla eliminated possibility of a cross-site scripting (XSS) attack on users.
This vulnerability consisted of the fact that the true value of “window.location,” which contains details about the URL of the document and offers the possibility to change it, could be obfuscated by user content. Combined with some plugins, an XSS attack could have been launched on the user.
The full details can be found here.
Firefox 16.0.2 has already been pushed to the users via the automatic update mechanism.
Windows
Download Firefox for Mac
Download Firefox for Linux
Download Firefox for Android