Mozilla has released a patch for a zero-day vulnerability in its Firefox web browser, 48 hours after it was discovered.
The Firefox security flaw was used by attackers to run a drive-by-download attack on Firefox users visiting the Nobel Peace Prize website, The Register explains.
However, the company has released the Firefox 3.6.12 update, thereby plugging the vulnerability.
The open source software maker has credited the discovery of the vulnerability to security firm Telenor. The flaw did not affect the Firefox 4 beta version of the web browser, Mozilla has said.
Daniel Veditz, a security expert with Firefox, wrote on a blog post on Tuesday: “Firefox 4 beta users appear safe for the moment. he underlying problematic code does exist, but other code changes since Firefox 3.6 seem to be shielding us from the vulnerability.”