Firefox users told to upgrade
Firefox and Mozilla users have been told to upgrade to the latest version or risk be susceptible to hacker attack. Official sources in the US say that both the Firefox browser and the Thunderbird email client may allow an attacker to take control of their machine.
Also affected are Mozilla Seamonkey, the Mozilla suite and any other products that are based around the Gecko engine.
According to US CERT, in the worst case these vulnerabilities could allow a remote attacker to execute arbitrary code with the privileges of the user running the affected application. Other effects include a denial of service or the disclosure of locally held information.
On its web site, Mozilla ‘strongly recommends’ that all users to upgrade to new versions of Firefox and Thunderbird ‘to take advantage of significant security and stability enhancements’. The organisation has already been delivering new versions of its software through its automatic upgrade programme.
The warning echoes a similar one given by security specialist Secunia which has issued a ‘highly critical’ level security advisory warning of cross-site scripting, phishing attacks and the bypass of some security restrictions.
New versions of both Firefox and Thunderbird are available at ‘Mozilla.com.