Exploit code that can use older versions of the open-source Firefox browser to remotely take over users’ PC has...
appeared on the internet.
Users of Firefox browsers older than version 1.0.5 could be attacked using the code, which has been published by Israeli software developer Aviv Raff.
Raff said Firefox users had been given ample time to upgrade their browsers, to avoid falling victim to the type of attack that can be created using his code, which demonstrates a flaw originally publicised this summer.
The vulnerability was fixed by Firefox distributor Mozilla with version 1.0.5. Mozilla also recently launched the major Firefox 1.5 upgrade, equipped with a host of new security features.
Malicious websites could be used to allow remote attackers to run arbitrary code on a user’s machine without them knowing.
Mozilla released an advisory this week about a potential problem in Firefox 1.5, which addressed the possibility of the browser “hanging” when visiting certain websites. This was described as a minor issue by Mozilla.