The Mozilla Foundation has issued Firefox 1.0.4, a security update for the increasingly popular Web browser. This upgrade, which is free and recommended for all users, fixes two security problems relating to cross-site scripting and hacker remote access. The security holes came to light last weekend, prompting Mozilla to tell users they should temporarily disable JavaScript until the problems were repaired.