IT security experts have advised businesses and home users to update their copies of the Firefox web browser in order to protect against serious security flaws which could be exploited by malicious hackers.
The warning comes from Sophos after Mozilla released version 18.104.22.168 of Firefox which fixes a vulnerability that can be exploited by the FireSpy trojan horse. The malware poses as an extension for Firefox.
Firefox version 22.214.171.124 is not connected to Firefox 2.0, the eagerly anticipated major new version of the web browser which is currently in beta.
The FireSpy-A trojan horse, also known as FormSpy, infects computers that have already been hit by the Dloadr-AKL trojan.
FireSpy installs itself into the Registry and can steal passwords, credit card numbers and confidential data from Firefox users.
"It's critical that users of Firefox keep updated to protect against security vulnerabilities," said Graham Cluley, senior technology consultant for Sophos.
"It makes sense for all computer users to remain alert about the latest security flaws, and ensure they are running the latest patched version of their chosen internet browser.
"It has been much more common for hackers to target users of Microsoft Internet Explorer than Firefox.
"Even though we do not believe that FireSpy poses a significant threat, it is still a timely warning that all computer users - regardless of whose software they use - need to be careful about what code they run on their PCs, and ensure they are properly protected."
Security experts advise Firefox users to upgrade
By Clement James on Jul 31, 2006 1:53PM