The Computer Emergency Response Team warned about Firefox 3.6 Mozilla has released Firefox 3.6.2 almost a week early after security issues were found in earlier versions. Firefox 3.6.2 was originally due to launch at the end of March, but is available to download now from the Mozilla website. The security hole had led the German government to issue a warning about Firefox 3.6. The Federal Office for Information Security made a similar ruling on the safety of Internet Explorer in January. It warned that the Firefox vulnerability, confirmed by Firefox makers, could allow hackers to run malicious programs on users' computers. Germany's official cyber-security response team - BurgerCERT - had recommended that users stop using Firefox until the tested fix was released. It was a move remarkably similar to the January announcement, in which France followed suit just days later. Fox swap? The original Firefox vulnerability was confirmed by maker Mozilla last week on its security blog, when it promised that the next official release would address the issue. It is only the current version that is affected but, given that prior releases have different vulnerabilities, reverting to an older version of the browser is ill-advised. Switching to a different browser may not be a good solution either, said Graham Cluley, senior technologist at security firm Sophos. "Switching your web browser willy-nilly as each new unpatched security hole is revealed could cause more problems than it's worth," he said. "What are you going to do when your replacement browser itself turns out to contain a vulnerability? "My advice is to only switch from Firefox if you really know what you are doing with the browser you're swapping to. If you stick with Firefox, apply the security update as soon as it's available." A Mozilla spokesperson said: "Last week we informed our users that the upcoming security release of Firefox 3.6.2 would include a fix for an exploit that was disclosed to us just over a week ago. "Mozilla is aware of the BergerCERT recommendation to avoid using Firefox 3.6, and encourage users to download... Firefox 3.6.2."



Bookmark with: Delicious

Digg

reddit

Facebook

StumbleUpon What are these? E-mail this to a friend Printable version