The Mozilla Labs project Weave is surely getting some heat. Mozilla has announced that a new version of Weave is now available. The latest version is Weave 0.4.0. We heard about the recent developments of Fennec and the launch of Mozilla Firefox 3.5 and one thing that brings a relation between the two is a Mozilla addon Weave. In the words of Mozilla “Weave Sync is a prototype that encrypts and securely synchronizes the Firefox experience across multiple browsers, so that your desktop, laptop and mobile phone can all work together.”

The development of Weave has been little on the slower side but the latest development is indeed promising. With Weave you can sync all the settings and preferences between your Firefox web browser on different machines. The most exciting part about the latest version is that it will now support Feenec web browser as well. The will now work with all the new devices such as Windows Mobile and Maemo devices.

The latest version of Weave will also sync automatic login, including use of OpenID logins. Further it is said to be more stable than the previous versions. Weave is indeed a nice bit of software which might turn out to be very crucial in increasing the popularity of the Fennec.

Mozilla Firefox is the web browser of choice when it comes to the tech savvy. We use it and often abuse it by installing in more than sufficient Firefox extensions which hogs lot of system resources. An application called Prism by Mozilla can certainly help you if you visit same sites again regularly. Prism is a Mozilla application which lets users to run websites like an application in your desktop. If you use Gmail or other websites where there is heavy use of AJAX then it makes better sense to use Prism to run such websites.

Prism is both performance efficient and quick while you can also use it to replace all the chatting applications. You can run online version of the famous messengers like MSN, GChat and Yahoo Messenger with Prism and it makes for a nice replacement of the applications of these IM clients which you need to download.

You just need to install Prism and put in the URL of the web messengers and that would make an alternative of chatting clients.

The following URL’s can be used for corresponding IM services.

MSN Messenger: http://webmessenger.msn.com/

Yahoo Messenger: http://webmessenger.yahoo.com/

GChat: http://webmessenger.yahoo.com/

The Mozilla Foundation has published a fix for a “critical” JavaScript vulnerability in the Firefox browser and the SeaMonkey. This week the fix was released which targets Firefox versions 2.0.0.2 and 1.5.0.10, as well as SeaMonkey versions 1.1.1 and 1.0.8. An earlier fix for a JavaScript problem allowed scripts from Web content to execute arbitrary code, the Mozilla Foundation said.      

The vulnerability allowed uniform resource identifiers, or URIs, in image tags to be executed even if JavaScript was disabled
in the program preferences, Mozilla said.

Disabling JavaScript does not protect against the flaw, so the foundation recommended that users upgrade the applications to new versions. Mozilla’s Thunderbird e-mail client was not affected by the vulnerability

According to an article on macworld.com. Adobe will contribute source code to the Mozilla Foundation as the two organizations aim to establish a standard scripting language that developers can use to create interactive applications for Adobe’s Flash Player and Mozilla’s Firefox browser.

The plan calls for Adobe to hand over source code from its ActionScript Virtual Machine, the scripting language engine in its Flash Player, the organizations will announce Tuesday at the Web 2.0 Conference in San Francisco.

With the Adobe source code, Mozilla will host a new open source project called Tamarin to implement the final version of a standard scripting language in Firefox’s ScriptMonkey JavaScript engine.

Adobe will participate in Tamarin as well. Adobe’s contribution is the largest made to the Mozilla Foundation since its inception, according to the organizations.

The standard scripting language that Tamarin will implement in Firefox is ECMAScript 4, now being developed by standards body Ecma International. Sun Microsystems’ JavaScript and Microsoft’s JScript are both based on ECMAScript, which is currently in its third version.

Tamarin’s ultimate goal is to “unify” scripting across Firefox and Flash and thus give Web developers an open source virtual machine for developing and deploying rich, interactive applications across both platforms, according to the organizations.

The effort should yield better compatibility, integration, and stability between Flash and Firefox and make it easier for developers to work with the two environments, said Michael Goulde, a Forrester Research analyst.

The final version of Mozilla Firefox 2.0 was slated for release on Tuesday, but appears to already be available for download via the company’s servers (releases.mozilla.org). Firefox 2.0 Release Candidate 3 (RC3) — which the Mozilla Foundation released last week — did well among those users who downloaded and tested the software, according to the company.

The final version of Firefox 2.0 was expected to be released on Tuesday, October 24th. Firefox 2.0 features built-in anti-phishing controls, built-in RSS and XML feed-viewing capabilities, and a new inline spell checker.

Further Firefox 2.0 features include the ability to create bookmarks with “Live Titles” for websites that offer “microsummaries,” a new Add-ons manager that simplifies management of extensions as well as themes, and support for JavaScript 1.7.

Mozilla developers  spent several days this week with the Windows Vista team at Microsoft’s Redmond, Wash. campus and said that they’re considering implementing a security feature in the upcoming OS to better protect future versions of Firefox from attack.

Vladimir Vukievi, who was one of the Mozilla team to take up Microsoft’s August offer of Vista assistance, said that Vista’s “Low Integrity Mode” might make Firefox less susceptible to exploits.

Low Integrity Mode, which is part of the Vista User Account Control (UAC) technologies that are meant to make it more difficult for attackers to install their code on PCs, is similar to “sandbox” techniques that wall off an application from the rest of the operating system, According to an article on Techweb

By reducing the browser’s rights, Low Integrity Mode prevents a compromised or vulnerable application from making changes to the OS or other apps.

Internet Explorer 7 in Vista will make use of Low Integrity Mode as part of what Microsoft calls “Protected Mode.” “We spent a while talking to members of both the UAC team and the IE team about ideas on how to structure our app for the lowest permission level,” wrote Vukievi on his blog. “I have some ideas on how we could do this in a cross-platform way, taking advantage of UAC on Vista, and dropping privileges on Linux/Mac OS.”

Vukievi said that Mozilla’s developers will consider if this is possible for the next major version of Firefox, v. 3.0, which is currently on the planning board for a 2007 release. “I think that it would force us to evaluate exactly where the browser touches the rest of the system, and to figure out how to tighten the security around those interactions,” he added.

Even before the three-day confab in Redmond, Mozilla was talking about beefing up Firefox security. In an interview last month, Window Snyder, the new head of security at Mozilla, said that the company would look for Firefox to “have fewer entry points into the system.”

“Implementing this is very much a mitigation to reduce the impact of vulnerabilities rather than reducing the vulnerabilities themselves,” said Vukievi. “But that’s a pretty important goal.”