Firefox security vulnerabilities
Information about more Firefox vulnerabilities has been released:
Code execution through javascript: favicons
http://www.mozilla.org/security/announce/mfsa2005-37.html
Arbitrary code execution from Firefox side panel II
http://www.mozilla.org/security/announce/mfsa2005-39.html
The fix? Disable javascript or update to Firefox 1.0.3.
We can only hope that all of those Firefox users who changed browsers because they believe Firefox is 'safe' will find out about these and other vulnerabilities and regularly check for updates, especially those who believed Mozilla when they said “No spyware/adware software can automatically install in Firefox just by visiting a web site.”
(cite: http://www.mozilla.org/support/firefox/faq)
Previous article:
Firefox used to infect IE:
http://msmvps.com/spywaresucks/archive/2005/03/13/38392.aspx