The third release of Mozilla's open source Firefox browser has been marred by the discovery of security flaw that...
could allow a hacker to run malicious code.
The discovery comes less than a day after the new browser was launched and affects previous versions of the browser too, said security experts Digital Vaccine Labs.
"Five hours after the official release of Firefox 3.0 on 17June, our Zero Day Initiative program received a critical vulnerability affecting Firefox 3.0 as well as prior versions of Firefox 2.0.x," the company said on its blog.
"Not unlike most browser-based vulnerabilities that we see these days, user interaction is required such as clicking on a link in e-mail or visiting a malicious web page."
The group said it had reported the vulnerability to the Mozilla security team, who were now working on a fix, but at the time of writing no patch was immediately available.
Mozilla said that the new version of FireFox had "raised the bar for security" upon its release and that because FireFox was designed as an open source product, it could leverage the experience of thousands of security experts around the globe.