News 

Details have not been made publicly available, though the developer Mozilla has of course been informed. All Tipping Point will say is that the critical vulnerability could allow an attacker to execute arbitrary code. And like most of the new browser based vulnerabilities, user interaction is required such as clicking on a link in email or visiting a malicious web page.

Having worked with Mozilla on previous flaws, Tipping Point <

ADVERTISEMENT

says that it expects a fix won't be too long in the making.

The network security firm's secrecy means that as things stand no exploit has been seen in the wild, but Firefox users are advised to take no chances and follow good browsing practice. In partcular, don't click untrusted links - especially those in spam email.

Mozilla thanked Tipping Point for not disclosing details of the flaw.

"At Mozilla we appreciate any report of security issues because that is how we make the browser stronger and more secure," it said on its security blog. "The best way to keep Firefox users safe is to report the issues directly to Mozilla as TippingPoint has chosen to, and to wait to release details until a fix is available."