Mozilla already working on a Firefox 3 security fix

The same day Firefox 3 was shipping, Tipping Point, a research organization for vulnerability analysis and discovery,  released an upcoming advisory (ZDI-CAN-349) about a new security vulnerability that could allow an attacker to execute arbitrary code, affecting Firefox 2 and 3 in their Zero Day Initiative site.

Following their own policies, Tipping Point has not disclosed any details about the vulnerability besides it would require user interaction, while Mozilla works on a patch. Mozilla Security reports that there is no known public exploit for this bug at this time.

Once the patch gets landed it will most likely be distributed via Mozilla Update Service as Firefox 3.0.1. Plans for 3.0.1 already include a few dozen stability and performance bug fixes but I wouldn’t be surprised if Mozilla rushes a security update ahead of the usual 4-6 weeks cycle, if it deems the bug severe enough.

10 thoughts on “Mozilla already working on a Firefox 3 security fix”

  1. Pingback: Is Firefox 3.01 Coming Soon? : The Alligator Pit
  2. Pingback: Descubierta una vulnerabilidad en Firefox 3 | RFD Internet
  3. Pingback: A 3 días del lanzamiento de Firefox 3.0 ya le encuentran la primer vulnerabilidad | GeeksRoom
  4. Pingback: Frexo.Net » Blog Archive » Firefox 3 vulnerability, 8 million people affected!
  5. Pingback: 25 useful Firefox extension for the masses
  6. ever since i have downloaded mozilla n browse my mail n when i log out the dailog appears saying that my somebody else has signed in for my mail as this is been only my private id n i even changed my password after that but the dailog appeared with in five seconds n i was demanded to resign in…Plz fix this problem

Comments are closed.