I was surprised at the message Firefox popped up just now. It prompted me that Firefox 2.0.0.5 is ready for installation and I did. I must have missed this update on my RSS feed reader. In any case, I’ve checked the release notes to see what’s with this latest incarnation.

Apparently, this is more of a security fix addressing the following issues:

• XPCNativeWrapper pollution
• Unauthorized access to wyciwyg:// documents
• Remote code execution by launching Firefox from Internet Explorer
• File type confusion due to %00 in name
• Privilege escallation using an event handler attached to an element not in the document
• Frame spoofing while window is loading
• XSS using addEventListener and setTimeout
• Crashes with evidence of memory corruption

One thing to do after though, for Windows users with Java 6.0u1, you’ll be prompted that this release is incompatible with this Firefox release. While Java will work, you just won’t see the Java console in the Tools menu. In any case, you may choose to upgrade to JRE6.0u2 for a compatible version. But that’s a 60+MB download.

Download Firefox 2.0.0.5 here.