Upgrade to Firefox 1.0.2 and Thunderbird 1.0.2

Mozilla have today released a small but important upgrade to Firefox: version 1.0.2, which offers just 3 fixes for potential problems:

• buffer overflow when using an obsolete Netscape extension for GIF processing
• malicious sidebars that could load nasty code into the browser
• a variation on a problem fixed in 1.0.1, the firescrolling bug, in which dragging components could hijack and run privileged XUL code

The first fix here is the most dangerous one, as the NS extension is actually still part of the library used in Firefox, Thunderbird and the Mozilla Suite.

Thunderbird was also upgraded yesterday, with 1.0.2 quietly replacing the previous download on the site. A few more fixes in this one, the other important one being a potential problem if users download .pif, .lnk, or .url files twice via the mail app.