Mozilla has rushed out a security update for its Firefox web browser a week ahead of schedule after the discovery of a security flaw prompted some public bodies to discourage use of the browser.
Firefox 3.6.2 was launched to address a security flaw discovered by security researcher Evgeny Legerov last month which would have allowed a potential hacker to distribute malware via a drive-by-download attack. The hack exploited a flaw in a font decoder in Firefox 3.6, which has since been closed by the latest fix. Earlier versions of Firefox used an alternative font decoder which was not vulnerable to such an attack.
The fix was due for release on 30 March, but was released ahead of schedule following warnings from the German government that the flaw was so serious that it advised users not to browse with Firefox until the issue was dealt with.
Mozilla claimed that version 3.6.2 also fixes a number of several other security and stability issues.
“Mozilla takes all security vulnerabilities seriously,” claimed the company following the discovery of the flaw last month. “We value the contributions of all security researchers and encourage them to work within our security process, responsibly disclosing vulnerabilities to ensure the highest level of security and best outcome for users.”
Users are also reminded to ensure that any antivirus software that they may be using is kept up to date, even if they have upgraded to the newest version of Firefox.
