First Zero-Day Exploit Released For Firefox 3.5

The race is on: Mozilla is scrambling to finish a patch for a now-public bug in its Firefox 3.5 browser, while exploit code is circulating and Metasploit has released a new module for the attack.

The vulnerability, which was initially discovered by Mozilla last week in the Firefox 3.5 Just-in-Time (JIT) JavaScript compiler, is considered “critical” in that it can be used to execute malicious code, according to Mozilla. A researcher posted his attack code on mil0rm on Monday. The flaw lets an attacker infect the machine of a victim duped into visiting a malicious Web page.

Click here to read more on ways to protect yourself from this threat.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: