2nd big Firefox exploit found in a week

Mozilla, maker of the Firefox browser will be releasing an update early next week for a newly discovered exploit. This exploit "provides an opening through which attackers can enter Firefox source code and modify it. If a Firefox user simply views a maliciously coded XML file on a website, in a style of attack known as a drive-by download, the exploit installs unwelcome software onto the victim's machine." [emphasis mine]

The high-priority update will fix the flaw which is reported to work on multiple platforms (Windows, Mac, Linux).

Src: "High-priority" Firefox patch being readied | SC Magazine US

No comments: