The Mozilla Foundation has issued an update to the Firefox web browser, bringing the software to version 3.6.2. This update fixes a single flaw discovered a month ago, in which “the WOFF decoder contains an integer overflow in a font decompression routine. This flaw could result in too small a memory buffer being allocated to store a downloadable font. An attacker could use this vulnerability to crash a victim’s browser and execute arbitrary code on his/her system.”
You can download the new version of Firefox here, or by using the program’s auto-update feature.
