Sample code that exploits a hole in Firefox and could allow a hacker to take control of your machine has been released on the Net.
"I think it's been enough time for people to upgrade from v1.0.4. of Firefox. So, here is the PoC [proof of concept] exploit for the ... vulnerability," the poster said.
The bug was fixed in Mozilla version 1.0.5, which was released last July, and has also been fixed in version 1.7.9 of the Mozilla Suite, said Mike Schroepfer, vice president of engineering with Mozilla Corp. "As long as users keep updated to the latest version, they're, in general, very safe."
In some ways, this latest exploit is similar to highly publicised attack code that has been circulating for Internet Explorer, said Russ Cooper, editor of the NTBugtraq newslist. "It can install and run code of the attacker's choice if a victim visits a malicious website," he said.