Firefox' reputation takes a battering on the security front

The problem - explained in some depth on the Milw0rm security exploit portal - means that hackers could compromise a website and then infect visitors to the page who use Firefox.

The cause of the security flaw in Firefox appears to be a buffer overflow when processing font tags that have been customised, Infosecurity understands.

Mozilla has been notified of the security problem and is expected to bring out a patch shortly.

Infosecurity suggests that Firefox users should either disable Javascript on their browsers or - if they want to visit sites with Javascript features using Firefox - install the IE Tab add-in.

The IE Tab add-in - coded by Taiwanese programmer Hong Jen Yee - allows Internet Explorer's rendering engine to be loaded within Firefox and so prevent the native Javascript flaw from causing problems.

The add-in is also useful, Infosecurity notes, for accessing sites using Firefox that normally only work with Internet Explorer.

What’s Hot on Infosecurity Magazine?