Mozilla Corp. yesterday patched 10 vulnerabilities in its older browsers, marking the end of security support for 2008's Firefox 3.0.

Eight of the 10 flaws also apply to Firefox 3.6 but were actually patched last week as part of the update to Version 3.6.2. At the time, Mozilla revealed only 10 of the vulnerabilities addressed in the newer browser; it withheld information on the others until yesterday, when it released updates for Firefox 3.0.19 and 3.5.9.

Mozilla accelerated the delivery of Firefox 3.6.2 -- it typically updates all versions of its browser simultaneously -- to patch a vulnerability announced by Russian Evgeny Legerov, who had published exploit code in his VulnDisco add-on for Immunity Security's Canvas penetration testing kit.

More: http://www.computerworld.com/s/article/9174534/