Less than 48 hours after receiving a report of a critical flaw in Firefox, Mozilla issued an emergency update on Wednesday that patched the problem.
Around mid-day Pacific time today, Mozilla released Firefox 3.6.12 and Firefox 3.5.15 to patch the vulnerability, which had been exploited by malware secretly planted on the Nobel Peace Prize Web site.
Mozilla acknowledged the bug Tuesday and said it was at work on a patch, but provided few details. Today, the company said the vulnerability existed in the Windows, Mac OS X and Linux versions of Firefox 3.6 and the older Firefox 3.5.
The currently-stalled Firefox 4 was not at risk, Daniel Veditz, a Firefox security engineer, said in comments appended to the Mozilla blog post that confirmed the flaw.
More: http://www.computerworld.com/s/article/9193518/
Around mid-day Pacific time today, Mozilla released Firefox 3.6.12 and Firefox 3.5.15 to patch the vulnerability, which had been exploited by malware secretly planted on the Nobel Peace Prize Web site.
Mozilla acknowledged the bug Tuesday and said it was at work on a patch, but provided few details. Today, the company said the vulnerability existed in the Windows, Mac OS X and Linux versions of Firefox 3.6 and the older Firefox 3.5.
The currently-stalled Firefox 4 was not at risk, Daniel Veditz, a Firefox security engineer, said in comments appended to the Mozilla blog post that confirmed the flaw.
More: http://www.computerworld.com/s/article/9193518/