Mozilla has released the new Firefox versions 3.6.12 and 3.5.15 to patch a critical vulnerability. It is already used for malware attacks in the Internet. When a hacker attack on the website of the Nobel Peace Prize this week, the web pages with exploit code for a yet unknown vulnerability in Firefox were prepared. Mozilla has eliminated the gap and made new versions of Firefox, Thunderbird and Firefox ready.

The exploit used is mainly intended to Firefox 3.6. on Windows XP, users of newer versions of Windows are left in peace at least from that of the Nobel Prize website used to code. But the flaw lies in Firefox version branch 3.5, the mail program Thunderbird and Firefox in the Web Suite. This is a buffer overflow that using JavaScript can be provoked.

Therefore, it is a total of five new program versions: Firefox 3.6.12and 3.5.15, Firefox 3.1.6 and 3.0.10, and SeaMonkey 2.0.10. The provision of the new Firefox version is delayed a bit. Who uses Mozilla programs vulnerable should immediately install the new versions. The Norwegian Nobel Prize website , although now back clean, but it is likely that the exploit code has been implanted in different sites at different now. The attackers use of the Firefox vulnerability to spread a Trojan horse.