Mozilla has released Firefox 18.104.22.168, a security upgrade.
Firefox 22.214.171.124 includes a fix for firefoxurl:// security exploit, which allows an attacker to use Microsoft Internet Explorer to trick Firefox into executing malicious code. Whether Firefox or IE is responsible for the flaw has been a matter of debate over the past week. The Mozilla Foundation security advisory about the firefoxurl:// issue maintains that it’s a problem in IE and notes that other applications could be exploited in the same way. Others have argued that it’s Firefox’s responsibility to vet incoming data (something 126.96.36.199 now does).
You should be presented with an update offer within the next 24 hours or you can activate it now by going to Help then select Check for Updates… See complete Firefox 188.8.131.52 Release Notes for full details of this upgrade.
Also for those Fx 2.0 users on the Nightly Channel, you should start getting updates labeled as version 184.108.40.206pre in next couple days.
Attention Firefox 1.5 Users: There is NOT a security update for the Firefox 1.5 builds. Mozilla no longer supports these builds as of May 30th with the release of Firefox 220.127.116.11. Users are strongly urged to upgrade to Firefox 2.0!!!