// // Alternatively, the contents of this file may be used under the terms of // either the GNU General Public License Version 2 or later (the "GPL"), or // the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), // in which case the provisions of the GPL or the LGPL are applicable instead // of those above. If you wish to allow use of your version of this file only // under the terms of either the GPL or the LGPL, and not to allow others to // use your version of this file under the terms of the MPL, indicate your // decision by deleting the provisions above and replace them with the notice // and other provisions required by the GPL or the LGPL. If you do not delete // the provisions above, a recipient may use your version of this file under // the terms of any one of the MPL, the GPL or the LGPL. // // ***** END LICENSE BLOCK ***** ?>

Security Update - ShellBlock

ShellBlock is a security fix update for Bug 250180. It disables the ability to call the shell protocol from within affected Mozilla programs. The shell protocol allows applications to call Windows Explorer using the protocol to run the file specified on the local machine. This update is for users of Mozilla 1.x (up to Mozilla 1.7), Mozilla Firefox (up to 0.9.1), and Mozilla Thunderbird (up to 0.7.1) on Microsoft Windows 2000 and XP only.
Mozilla 1.7.1, Firefox 0.9.2 and Thunderbird 0.7.2 have been released with this fix included.
For more information on the issue, read What Mozilla Users should know about the shell: protocol security issue.