This is big folks. I recommend getting firefox’s “no script” add-on right away.
Firefox Security Flaw Affecting Gmails Users – The Firefox JAR vulnerability still there!
Last week, security companies around the world spotted a new vulnerability in Mozilla Firefox which could allow the attackers to use a malicious JAR file to harm users computers. The security flaw is still there and moreover, it seems it affects most websites on the Internet including the super search giant Google.
GnuCitizien wrote that Michal Zalewski from Google you know, that famous hacker who joined Googleplex required additional information about a potential exploitation over the companys technologies. In addition, beford.org discovered a way to steal the Gmail contact list using a malicious JAR file especially created to take advantage of the Firefox vulnerability.
Im not going to offer you more details about it but Ill give you a tip on how to remain protected against attacks. You can always install the NoScript extension which was already updated to provide protection for this exploit. In case you never tried it, NoScript is an add-on designed to work with Mozilla Firefox which is supposed to disable the webscripts included on the websites you choose.
More at Softpedia