A flaw in Firefox 1.0.4 and Mozilla 1.7.8 has been discovered which reintroduces a seven year old vulnerability. The security problem, which has been rated as 'Moderately critical' by Danish security firm Secunia, means that if a user is viewing a trusted site in one window (such as an online banking web site) and they open a site belonging to a spoofer in another window, it is possible for code to be ran in the trusted window that was initiated by the spoofer. To protect yourself from these problems, it is recommended that you close all other windows/tabs before accessing a site where you routinely put in a secure password. There is no word that I could see on a possible fix for the browsers at this time, but surely one is coming.