All the latest UK technology news, reviews and analysis

Mozilla working on critical Firefox patch

by Miya Knights

27 Mar 2009

Comment: 1

  • Tweet this
Firefox
Mozilla is working on a patch for a widely publicised Firefox flaw

Mozilla is readying a patch for a widely publicised critical flaw in its Firefox web browser.

Attack code to exploit the vulnerability, written by security researcher Guido Landi, appeared on several security websites on Wednesday.

Further reading

The code could be modified by attackers to dupe users of the unpatched browser into viewing a malicious XML file that is then used to install unauthorised software.

The flaw is thought to affect all releases of Firefox 3.0, the most recent version of the browser, running on all popular operating systems, including Linux.

Mozilla had not responded to requests for comment at the time of writing, but a Firefox security developer said that the company is working on a patch.

The patch will be issued as part of Mozilla's upcoming Firefox 3.0.8, which is slated for release between 30 March and 1 April.

The patch has been characterised as a "high-priority fire drill" security update, because the attack code has been released publicly.

Such code rarely gets released into the wild, but this does not necessarily slow down the hackers, as the CanSecWest security conference proved last week.

Fully patched versions of Firefox, Safari and Internet Explorer all failed its annual hacking contest.

Do you agree?

Add your comment

3.0.8 is out now

Just got it using check for updates option.

Posted by: Nick 27 Mar 2009

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Developer

Windows 8 on a Samsung slate

Windows 8 Release Preview set to go live after Microsoft blog gaffe

Related white papers

Information currently unavailable

Related articles

Related jobs

Today's top stories

Cloud computing use is a major government IT strategy

Government departments face possibility of open source 'spot checks'

Samsung Galaxy S III running Android Ice Cream Sandwich

Samsung Galaxy S3 launch fails to attract iPhone-like crowds

hurricane-irene

American Express predicts online hurricane to blow big business away

Poll

Flame virus poll

Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?

27%

2%

13%

58%

Features

The V3 hotseat

The V3 Hot Seat: Imperva CTO and co-founder Amichai Shulman

Flame in monitor screen

Quick guide to Flame malware attack

cookies

Quick guide to cookie law compliance

cookie

ICO sends out mixed messages on cookie law

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Riso

Colour printing: why the bill keeps outstripping the budget

The wrong printers, for the wrong tasks on the wrong contracts

Qlikview

Magic quadrant for business intelligence platforms

Who leads the BI pack and who should we be watching out for?

Technology jobs

X2 PMO lead, Investment Banking, London up to £495 per day

X2 PMO lead, Investment Banking, London up to £495 per...

SEO analyst - Retail ecommerce - Hertfordshire. £35-55k

SEO analyst - Retail E-commerce - c35-55k - Hertfordshire...

ICT Technician

ICT Technician Leicester £10,000 per annum...

Oracle Performance Tuning, Oracle, Engineering

Oracle Performance Tuning, Oracle, Tuning, Engineering...

To send to more than one email address, simply separate each address with a comma.