At the start of a hacking contest set to target Web browser vulnerabilities, Mozilla patched its flagship Firefox browser. The Firefox 3.6.2 update fixes a critical bug in a font decompression routine that could be exploited to "crash a victim's browser and run arbitrary code on the system," Mozilla said.
Mozilla was under pressure to fix the bug, which Russian security researcher Evgeny Legerov had added to his VulnDisco hacking tool, sold as an add-on to the Canvas penetration testing kit. The Firefox team had been expected to fix the problem next week, but decided to rush out an earlier update out of worry that Legerov's code could be changed.
The flaw affects Firefox 3.6, but not previous editions of the browser, Mozilla said. It lies in the way Firefox implements a Web-based font standard known as the Web Open Font Format. The Firefox update comes as hackers get ready to compete in a three-day contest at Vancouver's CanSecWest security conference. In the Pwn2Own event, contestants try to break into PCs by leveraging previously undisclosed bugs in Firefox, IE, Safari, and Chrome.
Mozilla updated its software ahead of the contest, and Apple and Google also patched their browsers. Contest organizers stated that Legerov's bug would not count if used in their contest, since it has been disclosed. Firefox 3.6.2 is available for Windows, Mac, and Linux users.



Copyright Techfuels