The World’s most popular browser Firefox 3.6 is under attack.First zero day exploit hits Firefox 3.6.Russian security firm Intevydis has made a Windows exploit for a previously unknown security hole in Firefox 3.6 available to its customers. The exploit allows attackers to remotely gain control of a PC.Now this security exploit is applicable for Windows XP(SP3) and Windows Vista.It isn’t mean that, it won’t applicable for Other Operating Systems.The developer says It was an interesting challenge to find the flaw – a buffer overflow – and to exploit it.
As Secunia rates the problem as critical,there is no any Official announcement’s or updates from Mozilla development team.Recently Firefox 3.6 crossed 50 million downloads, we don’t know how many system’s are under attack.Firefox 3.6 is released on January 21, 2010.There are no updates for Firefox 3.6 up to now.
However, according to the analysis on the Extraexploit blog, a significant increase in the number of Firefox 3.6 crashes was noted on the 12th and 13th of February. It is unclear whether the crashes were connected to the exploit being tested. The pages causing the highest number of crashes are listed in Mozilla’s crash reports.
As Mozilla’s updater is poor, please check for the latest updates manually.