No sooner than the wave of record setting downloads are drawing to a close word is that a critical exploit has been discovered in Firefox 3. As being reported by c|net news security blog D3F3NS3 1N D3PTH (isn’t that such a cute name for a blog <gag>) the vulnerability was originally reported by Tipping Point’s Zero Day Imitative and rates the flaw as critical.

Nothing is being said about the vulnerability at this point so that the Firefox team has a chance to confirm (or deny) the problem and issue a fix for it. From the c|net post

Although the Zero Day Initiative team does not offer specifics until the vendor has a chance to patch it, the blog post did say this vulnerability, which also affects Firefox 2, requires user interaction and could result in an attacker executing arbitrary code.

Mozilla is reported to be working on a fix.

I wonder if this will get Mozilla another entry in the book of records as the quickest vulnerability report for a product immediately following it setting a download record.

Conversation Tags: Firefox 3, security, zero day