New versions of Mozilla's three prominent products have just been released to address an important security concern. This update will prevent your browser from playing "shell games" as Mozilla has promptly addressed a widespread vulnerability affecting most browsers. So far, Firefox 0.9.2 is working great for me.
Firefox 0.9.2 -- FTP Site for downloadingftp://ftp.mozilla.org/pub/mozilla.org/fir...releases/0.9.2/
Thunderbird 0.7.2 -- FTP Site for downloadingftp://ftp.mozilla.org/pub/mozilla.org/thu...releases/0.7.2/
Mozilla 1.7.1 -- FTP Site for downloadingftp://ftp.mozilla.org/pub/mozilla.org/moz...s/mozilla1.7.1/Below is more information from the Internet Storm Center:Mozilla issues security update for "shell" exploithttp://www.incidents.org/diary.php?date=2004-07-08
Mozilla and Firefox Update Fixes Vulnerability
It's time to update your browser, though this time the problem is not with Internet Explorer, but with Mozilla and Firefox running on Windows. As described in the eWeek article at http://www.eweek.com/article2/0,1759,1621463,00.asp
A flaw in the way Mozilla and Firefox handled links containing the shell: suffix could allow a malicious web site to run arbitrary code on the visitor's system. We advise you to upgrade to Mozilla 1.7.1 or Firefox 0.9.2 to patch this vulnerability.
For more information about this vulnerability and ways of addressing it, please see http://mozilla.org/security/shell.html
. This URL also points out that Thunderbird, an email client that's part of the Mozilla suite, is vulnerable, and explains how you can address the Thunderbird vulnerability as well.