Internet Explorer 0day Exploit Requires Firefox. Huh?

There is a new zero day exploit for Internet Explorer circulating but it requires that you have previously installed Firefox for it to work on a system.

The exploit code demonstrates the vulnerability using the Mozilla Firefox firefoxurl:// URL protocol. To trigger this vulnerability, an attacker must persuade a user who has previously installed Firefox or currently has it installed to access a specially crafted web page with Internet Explorer.

At this writing, there are no easy workarounds other than to avoid untrusted web sites.

[Firefox “firefoxurl” URI Handler Registration Vulnerability]

[tags]antivirus, antivirus software, anti virus, anti virus software[/tags]