Internet Security Systems discovered the problem was with the way Firefox processed GIF files. A buffer overflow attack was possible if the user had opened an "infected" GIF picture file.
Users are asked to download the latest version, 1.0.2, as soon as possible.
...GIF?!
__ dun dun dun __
Description
An GIF processing error when parsing the obsolete Netscape extension 2 can lead to an exploitable heap overrun, allowing an attacker to run arbitrary code on the user's machine.
Workaround
Turn off image display. Upgrade to the fixed version.
Argh. Any about:config's workaround?
I don't want to let go of my v1.0 PR.
Besides, how realistic are those buffer overrun scares?
In all cases I read about, it would just crash the app/the machine.
> I don't want to let go of my v1.0 PR.
m9(^Д^)PUUUHAHAHAHAHAHAHA
I like the auto update function a lot.