New version of Firefox web browser fixes security holes

Sophos Press Release

Mozilla issues update to Firefox as Trojan that poses as browser extension spotted

Mozilla has released version of its Firefox web browser, fixing security vulnerabilities
Mozilla has released version of its Firefox web browser, fixing security vulnerabilities.

Experts at SophosLabs™, Sophos's global network of virus and spam analysis centers, have advised businesses and home users to update their copies of the Mozilla Firefox web browser, in order to protect against a number of serious security flaws which could be exploited by malicious hackers.

Firefox version is not connected to Firefox 2.0, the eagerly anticipated major new version of the web browser, which is currently in beta.

"It's critical that users of Firefox's web browser keep updated to protect against security vulnerabilities," said Graham Cluley, senior technology consultant for Sophos. "It makes sense for all computer users to remain alert about the latest security flaws, and ensure they are running the latest patched version of their chosen internet browser."

More information about version of Firefox, and details of the security issues it claims to fix, can be found on Mozilla's website.

FireSpy Trojan horse poses as extension for Mozilla Firefox

The release of the new version of Firefox comes just after news broke of a new piece of malware that poses as an extension to the popular web browser.

The FireSpy-A Trojan horse, also known as FormSpy, infects computers that have already been hit by the Dloadr-AKL Trojan horse. The FireSpy Trojan horse installs itself into the Registry and can steal passwords, credit card numbers and confidential data from users of Mozilla Firefox.

"It has been much more common for hackers to target users of Microsoft Internet Explorer than Firefox," said Cluley. "Even though we do not believe that the FireSpy Trojan horse poses a significant threat, it is still a timely warning that all computer users - regardless of whose software they use - need to be careful about what code they run on their PCs, and ensure they are properly protected."

Sophos has been protecting against the FireSpy-A and Dloader-AKL Trojan horses since 07:26 GMT on 25 July 2006.

Sophos continues to recommend computer users practise safe computing as well as running up-to-date anti-virus software.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at