Mozilla is preparing to release Firefox 3.6.2, which will address a critical security vulnerability present in Firefox 3.6. The vulnerability in question, was reported by security researcher Evgeny Legerov last month. However, his initial reluctance to directly communicate with Mozilla prolonged the development time for the patch.
The vulnerability has been rated by Secunia as highly critical and can by exploited by hackers to execute arbitrary code on the user’s system. It is not known if there are any in-the-wild exploits for this vulnerability.
Firefox 3.6.2 is scheduled to be released on March 30. Until then, security conscious users can download a nightly build from Mozilla’s FTP server. Firefox 3.7 Alpha 3 (or newer), as well as older versions of Firefox (pre 3.6 releases) are also not affected.