Mozilla Patches Critical 0-Day Flaw Inside Firefox Within 48-Hours
As per fresh reports from ComputerWorld published on October 27, 2010, within not even 48-hours from knowing about critical vulnerability inside the Firefox Web-browser, Mozilla released a patch on an emergency basis on October 27, 2010 that fixed the problem.
Reveal specialists that the flaw occurred because of a fault, which was not specified, and it was capable of being abused for running arbitrary code provided users viewed a maliciously-created website.
Significantly, Secunia the vulnerability research firm rated this flaw namely CVE-2010-3765 as "extremely critical."
Meanwhile according to Mozilla, the flaw impacts solely Firefox's versions 3.6 and 3.5 as well as may potentially impact users of Thunderbird who download websites inside the RSS Reader.
Writing on the Mozilla Security Blog, security program manager Brandon Sterne for the company reported that the built-in anti-malware system of Firefox currently blocked the attack site. Softpedia published this on October 27, 2010.
Sterne further wrote that the exploit might continue to remain on other Internet sites prior to disclosing that Firefox creators were developing a security update.
Meanwhile, by patching Firefox flaws with the speed Mozilla hitherto adopted, the company has something to pride for. However, Avira and other security firms have expressed astonishment because the malware is unreliable. They seemingly can't perceive the reason for the attacker to particularly abandon a precious 0-day flaw that existed within such weakly-developed program since cyber-criminals normally exploited 0-day flaws for lucrative malicious software.
Related article: Mozilla Rules Out Bug in Its Firefox
» SPAMfighter News - 09-11-2010