Double-whammy security flaws target Firefox
Here is the security notice:
http://www.mozilla.org/security/announce/mfsa2005-42.html
Internet security firm Secunia rates the security flaw as "extremely critical", because code to exploit the flaws is publicly available.
Firefox suggests:
- Do not have any sites in your “Allow web sites to install software“ whitelist.
- Disable javascript.
Further information here:
http://www.frsirt.com/english/advisories/2005/0493
At time of writing, no patch is available for this vulnerability. Be prepared to download a full installation build [4.7 meg] to fix this problem.