Articles in “Press”

Heartbleed Security Advisory

Issue OpenSSL is a widely-used cryptographic library which implements the TLS protocol and protects communications on the Internet. On April 7, 2014, a bug in OpenSSL known as “Heartbleed” was … Read more

Investigating Security Vulnerability Report

Update – August 5, 2013 Issue Mozilla was notified on August 4, 2013 of a potential security vulnerability with Firefox 17 (current general release is Firefox 22). Upon investigation we … Read more

Responding to Claims of Compromise

Issue A hacking group called “AnonGhost” is claiming they have compromised “Mozilla Emails Managers” and exposed the email address and a 16-character value for 50 accounts. Upon investigation we’ve determined … Read more

Putting Users in Control of Plugins

Mozilla is changing the way Firefox loads third party plugins such as Flash, Java and Silverlight. This change will help increase Firefox performance and stability, and provide significant security benefits, … Read more

Revoking Trust in Two TurkTrust Certificates

Update: For clarification, the last sentence of this post references our actions to suspend inclusion of a TURKTRUST root certificate. There are currently two TURKTRUST root certificates included in Mozilla’s … Read more

Mozilla’s Commitment To Security

October is National Cyber Security Awareness month and we want to take the opportunity to reiterate Mozilla’s security commitment to the Web. From Firefox for Windows, Mac, Linux and Android to … Read more

Security Vulnerability in Firefox 16

Update (Oct 11, 2012) An update to Firefox for Windows, Mac and Linux was released at 12pm PT on Oct 11. Users will be automatically updated and new downloads via … Read more

The Importance of Good Metrics

There has been some interest in the last few days about a recent report from a company called Bit9 about application vulnerabilities. While we’re always happy to see stories that … Read more