Mozilla late Tuesday patched 13 bugs in Firefox, nearly half of them labeled "critical," as it closed support for the two-year-old Firefox 2.0 by releasing that version's final security update.
The update patched slightly more vulnerabilities in Firefox than the last two security updates in November and late September.
Firefox 3.0.5 fixes a total of 11 flaws, six rated "critical," one "high," one "moderate" and three "low" in Mozilla's four-step scoring system. Most of the critical bugs could be used by hackers to crash the browser, introduce their own malicious code into a vulnerable system or both.
Mozilla also updated the older Firefox 2.0 line to Version 220.127.116.11, patching 10 vulnerabilities in all, eight of them shared with 3.0.5. Of the total, only three were rated critical.
As per Mozilla's support policy, Tuesday's Firefox Version 18.104.22.168 was the final security update for the browser that debuted in October 2006. "Mozilla is not planning any further security and stability updates for Firefox 2, and recommends that you upgrade to Firefox 3 as soon as possible," said Samuel Sidler, a Mozilla engineer, in a post to the "mozilla.dev.planning" message group Tuesday. "It's free, and your settings and bookmarks will be preserved."
Although the older browser is now officially retired, users can, of course, continue to use it. However, as Sidler mentioned, Mozilla has urged users to upgrade to Firefox 3.0, which launched last June. Since then, it has twice offered what it dubs a "major update" to users of the older browser, hoping to get them to move up. The most recent upgrade offer went out two weeks ago. Mozilla plans to make one final offer sometime early next month.