|
|
News
Mozilla warns of unpatched Firefox flaw used in attacks
Mozilla developers are scrambling to fix a new Firefox browser bug being used by criminals to install malicious software on victims' computers.
The vulnerability was discovered when a security vendor analyzed attack code that had been secretly installed on the Nobel Peace Prize website. If a user visited that website while the attack was active using Firefox 3.5 or 3.6, the malicious software might be installed on the user's computer without warning. The attack code installs a Trojan Horse program that can then be used by the hackers to download more malicious software and gain total control of the victim's computer.
Mozilla is currently developing a fix, but until then users who want to protect themselves against the attack can disable JavaScript in Firefox by locating the checkbox under the Tools drop-down menu in the Options Content tab. Users can instead install the NoScript add-on, Mozilla said.
