Attack Targets Mozilla
Computer users who have not upgraded to the latest version of Mozilla's Firefox browser may now have an extra incentive to do so, thanks to a hacker who has posted an exploit. On Sunday, a hacker going by the name of Aviv Raff published sample code that could be used to take over the computers of Firefox users running version 1.0.4 or earlier of the browser.
The exploit takes advantage of a known bug in the way Firefox processes the popular Javascript Web programming language. "I think it's been enough time for people to upgrade from v1.0.4. of Firefox. So, here is the PoC [proof of concept] exploit for the ... vulnerability," he wrote on his blog. The bug was fixed in Mozilla version 1.0.5, which was released during the summer, and has also been fixed in version 1.7.9 of the Mozilla Suite, said Mike Schroepfer, vice president of engineering with Mozilla. "As long as users keep updated to the latest version, they're, in general, very safe."