Germany Tells Firefox 3.6 Users to Switch Browsers | eWeek
Cybersecurity
SHARE
Facebook X Pinterest WhatsApp

Germany Tells Firefox 3.6 Users to Switch Browsers

Written By
Brian Prince
Brian Prince
Mar 22, 2010
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

The German government has advised users to ditch Mozilla’s Firefox browser until a security vulnerability is fixed.

The advisory was issued March 19 by B??rgerCERT , Germany ‘s Computer Emergency Readiness Team, in response to a vulnerability reported by Russian security researcher Evgeny Legerov. Legerov, who is the founder of the Moscow-based security firm Intevydis, discovered the bug last month and added it as a module to Vulndisco, an add-on to the Immunity Canvas exploit system used by security pros for pen testing.

Legerov’s exploit can be used to trigger a heap corruption vulnerability and can potentially allow an attacker to execute arbitrary code. The attack works against Mozilla Firefox 3.6, the most current version of the browser, but does not affect earlier versions, according to Mozilla.

Earlier this year, France and Germany urged users to ditch Microsoft Internet Explorer as a result of the Aurora attack on Google, Adobe and other corporations. In that case, the attackers exploited a security vulnerability in IE that Microsoft began investigating in September but had failed to patch. The company fixed the flaw in January.

“Switching your Web browser willy-nilly as each new unpatched security hole is revealed could cause more problems than it’s worth,” blogged Sophos Senior Technology Consultant Graham Cluley. “For instance, imagine how much training some users will require to switch from one browser to another. And it’s worth bearing in mind – what are you going to do when your replacement browser itself turns out to contain a vulnerability? Are you going to switch yet again?”
Mozilla told eWEEK that it is aware of the German government’s advisory and is accelerating the release of Firefox 3.6.2, which will contain the fix. Originally, version 3.6.2 was slated to be released March 30. The release candidate for the browser already contains the fix and can be downloaded here.

Thunderbird and SeaMonkey are based on earlier versions of the browser engine and are not affected, according to Mozilla.

*This story was updated to add a comment from Mozilla.
Brian Prince
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information