Malicious code in an image could enter PC through browser
Malicious code in an image could enter PC through browser

Mozilla fixes new Firefox flaw

Users urged to download patched version immediately

Iain Thomson

The Mozilla Foundation has released a new security patch for its Firefox internet browser and is urging users to install it.

The patch fixes a flaw in the software that handles animated GIF images that could cause a buffer overflow.

Advertisement

If a hacker embedded malicious code in an image it could conceivably enter a PC through the browser software, although no exploit code has yet been found in the wild.

"The Mozilla Foundation is deeply committed to providing its users with the safest internet experience possible," said Chris Hofmann, director of engineering at Mozilla.

"To deliver our users the experience they deserve, we must stay ahead of the curve in patching potential vulnerabilities. For example, the bug patched in this update has no known real world exploits, and we were able to provide a quick response."

The flaw came to light after work done by security researchers at Internet Security Systems but was fixed before they published their report. This is the second Firefox patch to be released in the past month. The buffer overflow patch is available here.

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Tags:

Do you agree?

Further reading

Users advised to diasable JavaScript in Firefox browser

Firefox hit with new critical flaws

Holes could allow hackers to implant Trojan or key-logger

Netscape hit by critical flaw

'Use another product,' advises browser firm

Mozilla Bug Bounty pays fault-finders

Users who find flaws offered $500 per bug plus a free T-shirt

Firefox market share rockets

IE5 users might be moving to Firefox not IE6, says web analytics firm

Related whitepapers

Related jobs

Most watched

Summit video: Intel discusses processors designed for data overload (part one of two)

Intel explains how its Xeon processors can handle data-intensive apps

Summit: Intel discusses processors for data overload (part 2 of 2)

More thoughts on how servers can help manage overload

Analysis and Reports

Remote access - Three steps to getting connected

3.4 million UK professionals now work from home – is your company equipped?

Cost benefits of a global collaboration network

This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications

Poll

Impact of Information Overload poll

Impact of Information Overload poll

What is the biggest problem your firm faces as a result of the data explosion?

View poll results

Advertisement

White paper library

Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Advertisement

Spotlight

deloitte

Summit interview: Deloitte discusses security implications of the data deluge

We chat to Mike Maddison, UK head of Security, Privacy...

ibm logo

IBM boosts mobile shopping with WebSphere Commerce

Update designed to give mobile users a richer, more personalised...

Summit: Intel discusses processors for data overload (part 2 of 2)

More thoughts on how servers can help manage overload

chrome logo

Google plans a Mac version of Chrome

A Mac-friendly version of the browser is in the pipeline

Primary Navigation