Mozilla fixes new Firefox flaw

The Mozilla Foundation has released a new security patch for its Firefox internet browser and is urging users to install it.

The patch fixes a flaw in the software that handles animated GIF images that could cause a buffer overflow.

If a hacker embedded malicious code in an image it could conceivably enter a PC through the browser software, although no exploit code has yet been found in the wild.

"The Mozilla Foundation is deeply committed to providing its users with the safest internet experience possible," said Chris Hofmann, director of engineering at Mozilla.

"To deliver our users the experience they deserve, we must stay ahead of the curve in patching potential vulnerabilities. For example, the bug patched in this update has no known real world exploits, and we were able to provide a quick response."

The flaw came to light after work done by security researchers at Internet Security Systems but was fixed before they published their report. This is the second Firefox patch to be released in the past month. The buffer overflow patch is available here.

See also:

Firefox hit with new critical flaws

Holes could allow hackers to implant Trojan or key-logger  09 May 2005

Netscape hit by critical flaw

'Use another product,' advises browser firm  28 Apr 2005

Mozilla Bug Bounty pays fault-finders

Users who find flaws offered $500 per bug plus a free T-shirt  31 Mar 2005

Firefox market share rockets

IE5 users might be moving to Firefox not IE6, says web analytics firm  01 Mar 2005

Explorer douses Firefox flames

Stellar growth of open source browser begins to slow  28 Feb 2005

Firefox hits 25 million downloads

Open source browser making its way into the mainstream  22 Feb 2005

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!