Mozilla has released Firefox 22.214.171.124, a security upgrade.
Firefox 126.96.36.199 includes a fix for firefoxurl:// security exploit, which allows an attacker to use Microsoft Internet Explorer to trick Firefox into executing malicious code. Whether Firefox or IE is responsible for the flaw has been a matter of debate over the past week. The Mozilla Foundation security advisory about the firefoxurl:// issue maintains that it’s a problem in IE and notes that other applications could be exploited in the same way. Others have argued that it’s Firefox’s responsibility to vet incoming data (something 188.8.131.52 now does).
You should be presented with an update offer within the next 24 hours or you can activate it now by going to Help then select Check for Updates… See complete Firefox 184.108.40.206 Release Notes for full details of this upgrade.
Also for those Fx 2.0 users on the Nightly Channel, you should start getting updates labeled as version 220.127.116.11pre in next couple days.
Attention Firefox 1.5 Users: There is NOT a security update for the Firefox 1.5 builds. Mozilla no longer supports these builds as of May 30th with the release of Firefox 18.104.22.168. Users are strongly urged to upgrade to Firefox 2.0!!!
of course it’s microsoft’s fault. they still have security vulnerabilities in IE7 that came from version 3,4,5, of IE