The Mozilla developers are rushing to fix a new bug in Firefox browser, which is being used by criminals to install malicious software on victims’ computers.
The flaw was discovered last Tuesday by the security company Norman, who discovered the error after reviewing secretly installed malicious code on the website of Nobel Peace Prize “If a user visits the site using Firefox 3.5 or 3.6, the malware could be installed on computer without any notice”, the company said.
In a blog posting, Mozilla has confirmed that the attack exploited an unpatched flaw in the latest updates and it was already aware of the research work of some security institutions.
The problem was diagnosed and a fix is being developed which will be launched soon as well tested, said Mozilla, which stated that the bug affects versions 3.5 and 3.6 of its browser for Windows, Linux and Mac OS X.
For the maker of Norton antivirus Symantec, the attack on the Nobel site was directed mainly at users of the system and mentioned that Windows could not find more cases like this.
Internet users also can install the NoScript extension, Mozilla said.