“Here’s a wake-up call for those who ditched Internet Explorer for Firefox, believing it’s more secure than Microsoft’s much-attacked browser:
Proof-of-concept code targeting security holes in Firefox and the Mozilla Suite have started appearing on public mailing lists. An attacker could exploit the flaws to launch malicious code. But users can protect themselves by updating to Firefox 1.0.3 and Mozilla Suite 1.7.7.
“These exploits allow the attacker to run arbitrary commands on Firefox before version 1.0.3 and Mozilla before version 1.7.7,” Mikko Hypponen, director of AV research for Finish security firm F-Secure Corp., said in the lab’s daily blog. “We advise all Mozilla and Firefox users to immediately patch their browsers. Otherwise you might get nasty stuff happen[ing] on your computer just by surfing to the wrong site.” ”
[Continue reading Critical Firefox flaws targeted by exploit code]