With only two days from its public release, TippingPoint’s Zero Day Initiative reported a critical vulnerability affecting Firefox 3.0 as well as 2.0 versions yesterday.

It’s unreleased and Mozilla is working on a fix already. Whatever the exploit is, it does require the user to visit a malicious site or click a link to executed. It came in 5 hours after the FF3 release, but since it affects previous versions, we wonder if the researcher was just sitting on it to be first. The Zero Day Initiative pays researchers for the exploits they submit.

Source: Hack a day