Correction and update:This post was updated at 1:53 p.m. with a corrected headline (the word "patched" was missing) and additional and winnowed information on the security holes.)

Mozilla published a critical security upgrade for Firefox Friday evening. Version 3.0.8 for Windows, Mac, and Linux fixes two security holes listed as "critical."

One patched an arbitrary code execution hole through an XUL element, and the other corrected an XSL stylesheet exploit. Both fixes patch crash-based security holes in which remote codes could have been run.

The release notes for Firefox 3.0.8 are available here.