Like the zero-day exploit of Safari for Windows noted last month and also discussed at MacOSXHints, the breach deals with a 'URL handler', which allows the extension of a browser to add new features or allow existing features to be modified. Early reports laid it at the feet of IE, but the bus is within Firefox as per sources.
Do not browse untrusted sites.
Disable the "Firefox URL" URL handler.
No solution for any system is found yet in the Mozilla Foundation Security Advisories.
How will you handle this? Join the discussion.