Critical Bug in Firefox 3.6 is Mozilla Release Update

A month(!) After a failure critique of Firefox 3.6 was made ​​public, the Mozilla decided to release yesterday (22) a security update to your main browser . According to the company, the critical flaw is specific to version 3.6, any previous version was affected.

The bug was related to routine sources of decompression used in Firefox to implement the Web Open Font Format standard. If exploited, it could make the browser crash and allow remote execution of malicious code. The flaw was discovered by Russian security researcher Evgeny Legerov, which sells a program for disaster operation called VulnDisco hacking tool, which included the bug.

Despite the delay, the timing of the update could not have been better as the security conference CanSecWest is about to begin. It is during this conference is the contest called Pwn2Own ( ‘Break to win’ in free translation), in which hackers need to invade a laptop using unknown flaws in major browsers and if they can, win a prize of $ 10,000 and the computer They managed to invade.

The new version is now 3.6.2 and is available for all platforms via download or by Firefox itself update menu. Update Dja!