Here's a wake-up call for those who ditched Internet Explorer for Firefox, believing it's more secure than Microsoft's much-attacked browser:

Proof-of-concept code targeting security holes in Firefox and the Mozilla Suite have started appearing on public mailing lists. An attacker could exploit the flaws to launch malicious code. But users can protect themselves by updating to Firefox 1.0.3 and Mozilla Suite 1.7.7.

"These exploits allow the attacker to run arbitrary commands on Firefox before version 1.0.3 and Mozilla before version 1.7.7," Mikko Hypponen, director of AV research for Finish security firm F-Secure Corp., said in the lab's daily blog. "We advise all Mozilla and Firefox users to immediately patch their browsers. Otherwise you might get nasty stuff happen[ing] on your computer just by surfing to the wrong site."

The Bethesda, Md.-based SANS Internet Storm Center Web site also reported that two proof-of-concept examples appeared over the weekend. The site echoed Hypponen's advice, saying, "The little green update button in Firefox is your friend."

The link for this article located at SearchSecurity is no longer available.