Correction: Firefox vulnerability update

Firefox-logo Just a quick update on something we posted yesterday concerning a security vulnerability found in Mozilla’s Firefox web browser (see the original post here).

First, this incident was NOT a zero day attack, as was originally reported. The exploit was discovered by a group called “The Zero Day Initiative” but was not actually a zero day exploit. According to the Mozilla Security Blog, the details of the problem will be kept private but it’s not a public exploit and “the risk to users is minimal.”

Second, we reported the exploit as a Firefox 3 issue, but the exploit affects Firefox versions 2.x and 3.0, so it’s not strictly a Firefox 3 issue.

We sourced this CNET article, which does contain accurate information. We apologize for any confusion that our original post may have caused.