Mozilla on Wednesday released an update to resolve six vulnerabilities, two rated as critical, in its Firefox web browser.
Version 2.0.0.13 staves off the possibility of spoofing, cross-site scripting and malicious code installation that could result from exploitation.
The most serious flaw appears to involve a JavaScript privilege escalation problem, according to the SANS Internet Storm Center. This could force the browser to run malicious scripts that could lead to cross-site scripting or arbitrary code execution.
Storm Center handler Raul Siles wrote on the group's blog that users should consider running the open-source NoScript extension, offered by InformAction, to protect against attacks.
The other critical bug that was patched relates to a memory corruption error.
Mozilla also released version 1.1.9 of internet suite SeaMonkey and version 2.0.0.13 of email client Thunderbird.
