14 DAY TRIAL // We all know that Firefox is one of the top web-browsers, being installed on millions of computers from all around the world. But if Firefox is vulnerable to the Internet attacks, do you still think that it is a smart choice? Well, you now have the chance to think about the answer because the security company Secunia reported a less critical security hole in Firefox which can be used by an attacker to compromise a user's system. Secunia said the security flaw affects all the versions of Firefox released before 2.0.0.7 so the only solution would be to update your browser to the latest version.
"The security issue is caused due to the "-chrome" parameter allowing execution of arbitrary Javascript script code in chrome context. This can be exploited to execute arbitrary commands on a user's system e.g. via applications invoking Firefox with unfiltered command line arguments," Secunia wrote in the security advisory.
Mozilla confirmed the vulnerability and sustained it was fixed in the latest update of the application, 2.0.0.7 which was released a few days ago. Moreover, the new release also patches the QuickTime flaw which can affect a user computer using a Firefox function.
"Disabling JavaScript in the browser does not protect against this attack; in vulnerable versions scripts passed through the -chrome option would be executed regardless of the JavaScript setting for web content, much as interpreters for languages such as perl and Python execute scripts passed on the command line. The NoScript add-on, however, has provided protection against this class of attack since the cross-browser vulnerabilities described by MFSA 2007-23 were discovered," Mozilla added.
Obviously, you can download the latest version of Firefox straight from Softpedia. In addition, you can update your web-browser using the 'Check for Update' function implemented in Firefox.