Mozilla has shipped a highly critical Firefox update to patch 13 vulnerabilities that expose Windows and Mac users to hacker attacks.
Some of the vulnerabilities could be exploited to launch drive-by malware downloads or code execution attacks if a user simply surfs to a rigged Web page. According to Mozilla, 11 of the 13 vulnerabilities are rated “critical,” meaning that they can can be used to run attacker code and install software, “requiring no user interaction beyond normal browsing.”
The vulnerabilities affect both Firefox 3.5 and 3.6. The patch is being delivered via the browser’s automatic update mechanism. Mozilla Firefox users should immediately update the browser to Firefox 3.6.13 and Firefox 3.5.16.