Mozilla has responded to the concern by releasing version 3.6.2 of its popular browser today, ahead of schedule. This was originally due to be available on 30th March.
The threat is so great that the German government yesterday urged its people not to use Firefox until the issue is fixed.
The critical vulnerability in version 3.6, could allow hackers to launch malicious code on users' computers.
Graham Cluley, Senior Technology Consultant and Sophos go-to man told TechEye, “There's an ongoing problem with users ignoring reminders to install patches and the like. Many people find the reminders to install "critical security patches" an annoyance, and would rather risk their identity and computer data rather than wait 5 minutes for a fix to install itself.
“Most browsers are getting better at automatic updates - the other software (other than OS) that really needs to get more attention from users is that from Adobe. Flash and Acrobat Reader are often targeted by the bad guys.”
If you are a Firefox 3.6 user, and wish to install the update straightaway, go to the Help menu and choose "Check for Updates" to update your installation of Firefox to the latest version. You can also visit www.getfirefox.com if you wish to download the full version.
In January, the German Federal Office for Information Security advised users not to use Microsoft’s Internet Explorer due to a security bug.
At the time of writing Mozilla did not have any reference to the bug on its website front page.
* Several Twitter users have reported problems with Firefox version 3.6.2, released today. User Johnny Tyson said: “Firefox 3.6.2 not working on my system. Downloaded but won't open pages. Aaarrrrgghhh.” With other twitterers Alex Guest and Simon Magee [no relation – Ed] both agreeing that they were experiencing problems.