Just after the release of Firefox 3.0, a researcher sold a critical vulnerability in the browser to TippingPoint’s bug-bounty program. TippingPoint has reported this bug to Mozilla and the firefox team is trying to release its patch as soon as possible. It hasn’t released much details about this Firefox bug. However, it has confirmed that it affects the new Firefox 3.0 as well as older Version 2.0. According to TippingPoint this vulnerability is “critical” for the new release of Firefox as it could be used to execute remote code so it may allow an attacker to inject hostile code onto vulnerable systems.

On the other hand, Mozilla team has confirmed the vulnerability, but in an official blog post the company explained that the firefox 3.0 users are not exposed to any risk, because the details about the vulnerability are private and there is no chance of public exploit. However a patch is to be expected in the next few days. Meanwhile, the Firefox 3.0 has beeen downloaded more than 8.3 million times in its first 24 hours after the release and Mozilla’s servers went down due to this huge response from its users. By the way, I have also downloaded the new Firefox and started using it for web browsing.