Hackers work to exploit latest Firefox flaw

by admin September 14, 2005 at 11:43 am

Security researchers claim to have found ways to exploit a serious bug in Firefox and Mozilla Web browsers, a sign that attacks could be on the way.

The vulnerability, which could let attackers secretly run malicious software on PCs, was disclosed on Thursday by security researcher Tom Ferris. The Mozilla Foundation, which distributes and coordinates the development of the Firefox and Mozilla browsers, responded swiftly and released a temporary fix on Friday.

The problem also affects the latest Netscape Web browser, according to security experts. Netscape, a division of Time Warner’s America Online subsidiary, is investigating the issue, a company representative said on Tuesday.

Disclosure of a flaw typically starts a race in the security community to exploit it. In the past few days, at least two security researchers have posted messages to popular security mailing lists claiming they have found ways attackers could take advantage of the vulnerability.

The postings said that exploits that work on Windows and Linux had been found. At the time the flaw details were disclosed, there were no known exploits for the vulnerability, beyond the one Ferris claimed to have for Windows.

Full story: ZDNet Australia