Perko Petrov, an independent security researcher, has found a new Firefox exploit. The existence of the flaw is due to the way that Firefox and Quicktime work together. If the computer is unpatched, the exploit could allow privileged code to run and access data.
According to Petrov, code could be run on systems that allow attackers to execute script commands and have firefox 2.0.0.6 or older versions. This could lead to a complete takeover of the computer.
The Chief of security at Mozzilla denies this to be true and says that patches were made in 6 and a quarter days and added that this little amount of time lessens the rationality for hackers to develop and release exploits for the particular issue.
A senior technology advisor for the anti-virus company Sophos, Graham Cluley, states that not only do users have to update their firefox to version 2.0.0.7, but also to consider installing Network Access Control as a means of diminishing the risk of exploiting this and future vulnerabilities.
Even though Internet Explorer users are the ones who are attacked most, it doesn’t mean that users of other browsers should not update and patch their software, because risks such as this exist.
