Mozilla has quickly released Firefox 3.6.12, which fixes a critical security issue. Users will be automatically prompted to update Firefox soon.
Yesterday, Mozilla admitted a critical vulnerability affecting Firefox 3.5 and Firefox 3.6 users. According to Mozilla, "Users who visited an infected site could have been affected by the malware through the vulnerability. The trojan was initially reported as live on the Nobel Peace Prize site, and the exploit required JavaScript enabled. The specific site is now being blocked by Firefox’s built-in malware protection.".
The latest updates, Firefox 3.6.12 and Firefox 3.5.15, will fix this vulnerability.
To avoid such painful incidents in future, users are advised to use NoScript Add-on for Firefox, which controls the execution of external JavaScript files on web pages.
