Mozilla released a patch last night plugging a critical hole in Firefox that could let an attacker crash a person's browser, and even run arbitrary code on their system. The organization recommends
that all Firefox users update to the latest release, version 3.6.2. Users of Firefox 3.6 should receive an update notification within 24 to 48 hours, but the patch can be applied manually via "Check for Updates" under the Help menu.
It's worth noting that the specific vulnerability mentioned above (552216
) involves a technology called Web Open Font Format (WOFF) introduced in Firefox 3.6, so previous builds should be safe. Regardless, Mozilla suggests that users of Firefox 3 and 3.5 download the latest version. Version 3.6.2 also addresses over 100 other bugs, which you can read in full detail here