Mozilla’s security response team is scrambling to ready a patch [zdnet.com] for what appears to be a serious security vulnerability affecting users of its flagship Firefox browser.
The vulnerability [mozilla.org], released alongside proof-of-concept code [securityfocus.com] on several security sites, could lead to malicious code execution attacks if a Firefox user is lured to a Web site rigged with exploits. It affects all versions of the open-source browser, including the newest Firefox 3.0.7.
Read more from Robert McMillan [computerworld.com] and SC Magazine [scmagazineuk.com].