Mozilla developers are scrambling to fix a new Firefox browser bug being used by criminals to install malicious software on victims' computers.
The flaw was uncovered Tuesday by security vendor Norman, which said that it learned of the bug after analyzing attack code surreptitiously installed on the Nobel Peace Prize website. "If a user visited the Nobel Prize site while the attack was active early Tuesday using Firefox 3.5 or 3.6, the malware might be installed on the user's computer without warning," Norman said in a press release.
In a blog posting, Mozilla confirmed that the attack exploited a previously unpatched flaw, and said it had heard from "several security research firms" that this attack code has been used on the Internet.
"We have diagnosed the issue and are currently developing a fix, which will be pushed out to Firefox users as soon as the fix has been properly tested," Mozilla said in its blog post.
More: http://www.pcworld.com/article/208878/
............................................................................................
The flaw was uncovered Tuesday by security vendor Norman, which said that it learned of the bug after analyzing attack code surreptitiously installed on the Nobel Peace Prize website. "If a user visited the Nobel Prize site while the attack was active early Tuesday using Firefox 3.5 or 3.6, the malware might be installed on the user's computer without warning," Norman said in a press release.
In a blog posting, Mozilla confirmed that the attack exploited a previously unpatched flaw, and said it had heard from "several security research firms" that this attack code has been used on the Internet.
"We have diagnosed the issue and are currently developing a fix, which will be pushed out to Firefox users as soon as the fix has been properly tested," Mozilla said in its blog post.
More: http://www.pcworld.com/article/208878/
