Mozilla released an important update to its Firefox browser on Friday, patching two separate security vulnerabilities which could both lead to arbitrary code execution on a victim's machine if exploited properly. The first, which involved an XUL tree element triggering garbage collection routines, was disovered by a German researcher known simply as Nils during last week's Pwn2Own hacking competition. The second, whose discovery was credited to Guido Landi, allowed a specially crafted XSL stylesheet to crash Firefox during a XSL transformation. This crash could then in turn be used by a hacker to run malicious code remotely.
Firefox 3.0.8 is an important security update, so users should upgrade via their browser or through the official download site as soon as possible.(Photo © julos - #2968801/stockxpert)