Yesterday, Mozilla released an update to Firefox 1.0PR in order to plug a security hole. The hole requires significan user interaction in order to be exploited and no such exploitations have been reported. It could allow a malicious hacker to download code that would destroy files on the user's computer. As Mozilla notes, "The Mozilla Foundation continues to have a very strong track record on security. According to Secunia, an independent security monitoring organization, Firefox currently has 1 open security issue, out of a total of 13 security advisories filed in 2003 and 2004. 0% of these are labeled "extremely critical", 15% are labeled "highly critical". For the same period, Secunia lists 16 open security issues out of 44 advisories for Internet Explorer 6.0, 14% of which are labeled "extremely critical", 34% are "highly critical".
New users of Firefox, should go to the homepage for the updated download. Users who have Firefox 1.oPR go to Tools, Options, Advanced (tab), and click the Check Now button. Download and install the critical update, then restart your browser.
In sunnier news for Firefox, Charles Cooper, executive editor of CNET News has dumped IE for Firefox. Arik Hessedahl of Forbes.com is praising Firefox.