Mozilla moves swiftly to patch SSL loophole in Firefox

Three other security problems have also been solved with Firefox 3.5.2 but the SSL-protected compromise - in which hackers could obtain certificates allowing the intercept and alteration of encrypted communications between the web browser and the IP destination - is viewed by many as the most important.

Microsoft's vulnerability research team is also reported to have been working with the Mozilla Firefox development team, and sources suggest that a patch for Internet Explorer to solve the SSL security flaw is imminent.

As widely reported over the weekend - including by Infosecurity - IOActive security researcher Dan Kaminsky and independent security researcher Moxie Marlinspike both separately revealed the compromise of SSL-protected communications at last week's Black Hat event.

Mozilla has posted an explanation of its patch and the SSL security flaw on its website.

What’s Hot on Infosecurity Magazine?