ie8 fix
madison

Hardware 2.0

Adrian Kingsley-Hughes
Home / News & Blogs / Hardware 2.0

Attention Firefox 4.x users - Firefox 5.0 is your security update

By | June 22, 2011, 6:21am PDT

Summary: Yesterday Mozilla released Firefox 5.0 as part of its rapid development cycle. This has implications for Firefox 4.x users.

Yesterday Mozilla released Firefox 5.0 as part of its rapid development cycle. This has implications for Firefox 4.x users.

What implications? Well, basically the upshot is that Firefox 5.0 is a security update for Firefox 4.x users (Firefox 4.0 and it’s only update, Firefox 4.0.1 which was released in April). This means that is Fireflx 4.x users want access to security fixes, they need to upgrade to 5.0.

This has been confirmed by Asa Dotzler, community coordinator for Firefox marketing projects, on Mozilla’s mailing list:

That being said, there already has been a 4.0.x release and there may be another if a critical security issue arises that requires a “chemspill” unplanned emergency fix. But that would be an *unplanned* emergency release and not a planned one. The planned security update for Firefox 4 is Firefox 5.

So, unless Mozilla release an unplanned emergency fix for the Firefox 4.x line (I like the name ”chemspill”), users will need to go up to 5.0 for the security patches.

Worried about extension compatibility? According to Mozilla some 80% of extensions are compatible with this release, but that still leaves a good number of extensions that are currently incompatible. If you rely on certain extensions, then you could be caught between the rock of workflow disruption versus the hard place of exploitable security issues.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Hardware 2.0”

Topics

Security, Mozilla Firefox, Security Update, Web Browsers, Internet, Adrian Kingsley-Hughes

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology.

Disclosure

Adrian Kingsley-Hughes

All opinions expressed on Hardware 2.0 are those of Adrian Kingsley-Hughes. Every effort is made to ensure that the information posted is accurate. If you have any comments, queries or corrections, please contact Adrian via the email link here. Any possible conflicts of interest will be posted below. [Updated: February 23, 2010] - Adrian Kingsley-Hughes has no business relationships, affiliations, investments, or other actual/potential conflicts of interest relating to the content posted so far on this blog.

Biography

Adrian Kingsley-Hughes

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.

Adrian has authored/co-authored technical books on a variety of topics, ranging from programming to building and maintaining PCs. His most recent books include "Build the Ultimate Custom PC", "Beginning Programming" and "The PC Doctor's Fix It Yourself Guide". He has also written training manuals that have been used by a number of Fortune 500 companies.

Adrian also runs a popular blog under the name The PC Doctor, where he covers a range of computer-related topics -- from security to repairing and upgrading.

44
Comments
Add Your Opinion

Join the conversation!

Just In

RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
TechInTulsa 28th Jul
@keebaud - No, a different browser won't have the add-ons. But if I have to live without them, I may as well do so using a browser that is not constantly nagging about updates.

@rtk - Thanks for the link to the Firefox release FTP site. Interestingly enough, it has folders for 2.0, 3.0, and 3.6 -- but not 4.
View in thread
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
Cylon Centurion 22nd Jun
That's all fine and dandy, but how is Mozilla going about convincing 3.x users to upgrade? I still see a TON of users still using 3.x (My college campus included).
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
Alan Smithie 22nd Jun
@Cylon Centurion

And how many fools are still using IE6 ?
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
Cylon Centurion 22nd Jun
@Alan Smithie

Waay too many.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
keebaud@... 23rd Jun
@Alan Smithie 10.9% and counting...
http://www.theie6countdown.com/default.aspx
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
aataylor01@... Updated - 23rd Jun
@Alan Smithie ....Northern Alberta Institute of Technology demands IE6 for it's online courses.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
fairportfan 22nd Jun
@Cylon Centurion

If they use Google much, they'll be updating soon.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
pjotr123 22nd Jun
@Cylon Centurion
Mozilla released 3.6.18 on Juni 21st. That'll probably be the last update for 3.6, I think.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
dragonstar125 22nd Jun
@Cylon Centurion only wya is mozilla stop suporiing 3.x and 4.x harsh but needed i think....
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
LoverockDavidson 22nd Jun
FF5 has been working great so far for me. All the add-ons work with the exception of the garmin add-on. It says its not compatible but I ignored it. Haven't tested it out yet though.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
bigsibling Updated - 22nd Jun
Sheesh, I just got 4 a few months ago, now I have to install a whole new version and test it with the sites? What gives? If they are going to do a complete new release every few months, I'm ditching FF. Not that they care, mind you.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
Greenknight_z 25th Jun
@bigsibling - It's mostly just the numbering system that's changed, not much in the way of new features in this update. As far as actually speeding up development, the only change with the new system is that releases won't be held up for new features that aren't ready - when a new release is due, it will be released with those features that are ready to go.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
AmraLeo 25th Jun
@bigsibling - I use Linux, so until now I had to completely install a new version of FF, but I went from 4.01 to 5.0 automatically, so it SHOULD do it by itself. AFAIK...
0 Votes
+ -
Big security issues.
IE9 22nd Jun
This is bad because this release does not use an automatic update mechanism.
Many people will stay vunerable to security issues solved in the FF 5.0 release which are now public knowledge.
Sysadmins will hate this big time as this is forcing them from patching to doing major update releases every few months.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
lehnerus2000 23rd Jun
@IE9
Automatic Updates is still listed in the Options > Advanced > Update section.
0 Votes
+ -
FF5 is not part of 'rapid' development; it is part of usual development, ..
DeRSSS 22nd Jun
.. with just numbers inflated -- as well as in Google's Chrome.
0 Votes
+ -
What's the matter Adrian, sour grapes?
Dietrich T. Schmitz, *~* Your Linux Advocate 22nd Jun
Or, are you hung up on versioning number schemes?

Here's how it work going forward, regardless of what is in the release.

Next version: take previous version number, add 1 to it.

That's it.

Questions? (wink)

Agile programming is the ticket!
Watch out Microsoft.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
aep528 22nd Jun
@Dietrich T. Schmitz, *~* Your Linux Advocate

This is NOT Agile programming. This is simply short-cycle iterative development, or simply shortening development cycles by reducing the number of features. Agile is about how the development team works together and delivers the CORRECT product of high quality, not simply how quickly they deliver.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
OffsideInVancouver 22nd Jun
@aep528

Well said. Also, the lack of auto-update is a pain in the arse.
0 Votes
+ -
You are misinformed.
Dietrich T. Schmitz, *~* Your Linux Advocate 22nd Jun
@aep528

h-t-t-p://www.developer.com/open/article.php/3860226/Mozilla-Firefox-Gets-More-Agile-with-Lorentz.htm
0 Votes
+ -
Buzzword of the month: Agile
otaddy 22nd Jun
@Dietrich

There are lots of software development fads. Why are you pushing this one all of the sudden?
0 Votes
+ -
Do some research. This is not a fad.
Dietrich T. Schmitz, *~* Your Linux Advocate 22nd Jun
@otaddy

From this point forward, you'll security/stability and bug fixes mixed in with enhancements.

Whereas, prior to 4 there were only security/bug fixes between major versions, with major versions released about once/year.

Pay attention!
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
facebook@... 23rd Jun
@otaddy Because DTS just read an article on the subject and did not understand what he read. He failed to realize that user stories, standups, scrum teams, and other critical components of Agile methodology are missing or curtailed. He failed to realize that the only component of Agile that the team has fully embraced is short-cycle iterative development work.

He saw a new word, he globbed on to it. Just like he saw Linux Security Module and failed to realize that such a method is only useful for monolothic kernels. He did not understand what he read and determined its applicability.
0 Votes
+ -
Grok Agile
Dietrich T. Schmitz, *~* Your Linux Advocate 23rd Jun
@facebook@... 


Twelve principles underlie the Agile Manifesto, including:[7]

    Customer satisfaction by rapid delivery of useful software
    Welcome changing requirements, even late in development
    Working software is delivered frequently (weeks rather than months)
    Working software is the principal measure of progress
    Sustainable development, able to maintain a constant pace
    Close, daily co-operation between business people and developers
    Face-to-face conversation is the best form of communication (co-location)
    Projects are built around motivated individuals, who should be trusted
    Continuous attention to technical excellence and good design
    Simplicity
    Self-organizing teams
    Regular adaptation to changing circumstances

Mozilla has all these well-covered.

Your Friends at Facebook are paging you. Go make a few friends there and write something clever.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
dry777@... 22nd Jun
My top 4 addons that I use everyday don't work in FF5. Anyone have a link to a FF4 install?
0 Votes
+ -
FileHippo
keebaud@... Updated - 23rd Jun
@dry777@... Every version from 5 on back. Thank you FileHippo. http://www.filehippo.com/download_firefox/9756/
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
Stefan_E 22nd Jun
Normally, a main version number release should be a feature release. So my immediate reaction when FF pop-ed up a box about a security update to 5.0 was that I'm suffering some kind of system intrusion.

Was that impression intended? How do I make sure this pop-up was for real?
0 Votes
+ -
3.6.16
pgit 22nd Jun
Firefox 4 was unusable trash in my esteem. I'm still using 3.6.16 on my production machine.

It's on Linux, so I keep an eye on things but don't worry about exploits. (noscript deals with 90% of that on any platform)
0 Votes
+ -
Went Back to 4.0.1
rkipping 22nd Jun
Like dry777@ said.
Add-ons that are essential to my daily use failed.
I'll look for a different browser.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
Cylon Centurion 22nd Jun
@rkipping

Wait a few days. The developers should be updating the addons.
0 Votes
+ -
Broken logic
keebaud@... 23rd Jun
@rkipping You aren't going to find your add-ons in a different browser are you. If the add-ons are worthwhile the devs will update them.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
TechInTulsa 28th Jul
@keebaud - No, a different browser won't have the add-ons. But if I have to live without them, I may as well do so using a browser that is not constantly nagging about updates.

@rtk - Thanks for the link to the Firefox release FTP site. Interestingly enough, it has folders for 2.0, 3.0, and 3.6 -- but not 4.
0 Votes
+ -
If you're a web developer ..
thx-1138_@... 25th Jun
@rkipping .. that knows how to reconfigure the browser from the ground up and have done extensive testing to determine and confirm the root cause of the extension's incapacity to work .. you might have a point. But i suspect you haven't got a clue.

I mean .. for real? Are you f'ing kidding me? Does it even register with you, at all, that addons and extensions are solely in existence due to their absolute reliance and dependence on the browser ecosystem???

... as the poster, keebaud, rightly points out, your logic is completely broken. Following your logic through to the train wreck it ends with, if an addon or extension is outdated and - by natural progression - also likely to be a work in progress: end-users should trash the browser. That's essentially analogous to advocating: if your car seat covers don't fit in your new sports car - trash the car and look for a car that fits your seat covers ...

... wow ... talk about warped reasoning.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
Joe McPlumber 22nd Jun
My wife told me today that Firefox wanted to update and she asked me if she should let it because FF4 broke so many of her extensions. I didn't think it would be anything /but/ a point release so i told her sure, go ahead. I'm in hot water now, thanks Mozilla you bastages. Aargh. Way to kill your fan base.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
I am Gorby 22nd Jun
Not Happy! I had been waiting for ZoneAlarm to come out with a version of their extreme security product that was compatible with FF4. The new version of ZA came out today. I installed FF5 (as that is the default version on the Mozilla site), but found out it was incompatible with ZA Extreme Security. (Well it works, but I have to turn off "browser security")

So I downloaded FF4 and installed that. I won't be happy if Mozilla keep upping their major release numbers, and causing my plugin to stop working.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
BitsNpcs 23rd Jun
Actually Mozilla had better be careful. Otherwise they will make the following true.

The quick Firefox jumped over the lazy dogs... and fell flat on its stupid face!

ColinF
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
BitsNpcs 23rd Jun
Actually Mozilla had better be careful. otherwise they might make the following true.

The quick Firefox jumped over the lazy dogs... and fell flat on its stupid face!
0 Votes
+ -
Which version?
jebswebs 23rd Jun
On my machines running FF v 4x, they automatically upgraded to FF v5 when I asked it to check for updates. The machines running v3x, I had to download v5 directly from the FF website. Ubuntu pushed out v5 automatically yesterday.
0 Votes
+ -
Mozilla has a fix
Greenknight_z 25th Jun
To make your extensions work, go to the Mozilla Add-on site and install the Add-on Compatibility Reporter extension. This enables your incompatible extensions, and puts a link next to each so you can report if it works correctly or not.

Be careful, though; this can cause problems, though it's not likely with an update with as few changes as this one.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
avasmooch 26th Jun
Does anyone know if (yet)/when FF5 is compatible with McAfee? This is a huge concern.
0 Votes
+ -
RE: Attention Firefox 4.x users - Firefox 5.0 is your security update
mab999 26th Jun
I updated to 5.0, and there was nothing but continual crashes after this...I've uninstalled and gone back to 4.0. Any recommendations for this frustration?
0 Votes
+ -
You could try ..
thx-1138_@... 26th Jun
@mab999 .. disabling and testing your plugins / extensions first (if any). It is more likely you have a addon / plugin that is causing the crash. The reason i say that, is that i had a similar incident with FF 4.0.1 and fixed it after testing the various addons i had installed and finding the culprit.

Failing the cause being a rogue addon, you really only have one other out: uninstall ~ re-install.

To ensure you get it right, do a complete uninstall. That means having to clean out the registry, temp folders and any system reference files / directories pointing to Firefox (an example being: C:\Documents and Settings\ATC\Application Data\Mozilla).

I know it's a drastic set of measures but, again, if you have eliminated a plugin / addon as being the culprit, the last option may be your best out.

Either way, good luck in finding the fix.

happy
0 Votes
+ -
Firefox Recent Strategy - A Recipe for Failure?
ep-man 27th Jun
Oh Adrian Kingsley-Hughes. check out this recent article from PC World titled "Firefox Strategy Is a Recipe for Failure" posted here:
http://www.pcworld.com/businesscenter/article/230868/firefox_strategy_is_a_recipe_for_failure.html

what is your opinion on what that PC World article says about Firefox?
0 Votes
+ -
Chrome is my security update to FF4
TechInTulsa 28th Jul
I'm one of those users using add-ons that are not compatible with FF5. I only see the compatibility problem getting worse with the 6 week release cycle. Given that and the extreme arrogance Mr. Dotzler has exhibited regarding this matter in several blog comments, I have decided to cut the cord now rather than later and have stopped using FF almost entirely. Now it is relegated to browser compatibility testing. I have also ceased recommending it to other users as an alternative to IE.

So long, Mozilla. It was fun while it lasted...

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix
Click Here
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix