If you are running Mozilla, Firefox, or Netscape, you need to upgrade now due to the IDN URI Buffer Overflow. In short, internationalized domain name characters in URLs can be used to compromise your PC. While this vulnerability has been known for more than a week, exploit code has been made publicly available now so it just a matter of time before we start seeing attacks based on this vulnerability.

Don’t confuse that vulnerability with another new one that affects Unix only and also affects Thunderbird.

If you are running Firefox, Mozilla, or Thunderbird on Unix (Linux, OpenBSD, MacOS-X, Solaris) you need to upgrade now. According to The SANS Institute, “This vulnerability in Mozilla/FireFox browsers and Thunderbird email client can be exploited to execute arbitrary commands on UNIX systems.” More information is available at SecurityFocus.

Go to http://www.mozilla.org/ for information on how to download the latest versions.