Mozilla and Google both patched critical vulnerabilities in their browsers this week. Of the two, Mozilla plugged the most security holes. The company fixed 11 vulnerabilities in a June 11 update to Firefox. More than half of the bugs were labeled as 'critical.' Three of the critical bugs were in the browser's rendering JavaScript engines and in certain circumstances result in memory corruption that could result in arbitrary code execution, according to the Mozilla advisory. The other critical patches cover a JavaScript chrome privilege escalation issue, an arbitrary code execution using event listeners attached to an element whose owner document is null and a race condition while accessing the private data of a NPObject JS wrapper class object.

On June 9, Google plugged two security holes with the release of Chrome version 2.0172.31. The fixes address two problems in Webkit.

Finally, Mozilla also recently released a preview of Firefox 3.5.