Hours after the release of Firefox
2.0.0.12 it has been discovered that there is a vulnerability by default.
The upgrade had a fix for numerous other vulnerabilities. But according to the
HackerZine it has a major hole in it. Apparently, there is an information leak that is very serious because it can read all preferences set in Firefox, or just open or include about every file stored in the Mozilla program files directory, and this without any mandatory settings or plugins.
The hole uses the 'view-source:' scheme that allows hackers to source out the 'resource:' scheme. It does not take hackers long to come up with an attack vector, the article says. Until the Firefox team comes up with a patch, it is probably better to use the NoScript plugin.