The Mozilla Foundation has released a patch for a
critical security hole in its open source Firefox
browser.
The bug could be used by remote attackers to crash the browser
or install their own malicious code on users’ machines.
The Firefox 1.5.0.3 update fixes the vulnerability, which was
found in Firefox 1.5.0.2 – itself only issued in mid-April.
Security researchers said that malformed JavaScript code could
use the bug to crash the browser.
A number of the 25 bugs fixed in the release of Firefox 1.5.0.2
are related to JavaScript vulnerabilities, and the problem in
browsers in general is not uncommon.
Firefox now has around 10% of the browser market and is number
two behind Microsoft’s Internet Explorer.
