Mozilla has released new Firefox security patches, and is advising users to update their browsers immediately.
The company issued updates for two vulnerabilities in versions of Firefox prior to 3.5 which could allow attackers to steal personal data and remotely execute code.
The first lies in the handling of the Secure Socket Layer protocol and could allow an attacker to issue false security certificates and possibly steal user data. Discovery of the flaw was attributed to researchers Dan Kaminsky and Moxie Marlinspike.
The second of the two vulnerabilities, discovered by Marlinspike, could allow remote code execution. An attacker could use a specially crafted certificate to cause an application crash and leave users vulnerable to further attacks.
Mozilla said that Firefox 3.5 is not believed to be vulnerable to either of the issues. Firefox 3.0 users are being advised to update to version 3.5.
The new releases come just days after the company marked the one billionth download for the popular open source web browser.
Children as young as four to be taught about the dangers of social media
Bans already issued to hundreds of players who used offensive language
The site is perfectly situated for launching small satellites into orbit
Delegates at the ESOF 2018 conference were warned that their perceptions of the digital age were coloured by private industry