Firefox has been updated to fix a major security flaw. Updates have been released for Windows, Mac and Linux (being v.220.127.116.11 and 18.104.22.168).
The primary vulnerability addressed by this update is the location.hostname vulnerability. It is a doozy, potentially allowing hackers to tamper with authentication cookies for third party sites, and control how Web sites are displayed and operate. Phishers, in particular, would find this vulnerability very useful, because a user could be fooled into thinking they are connecting to their bank, when in fact it is a bad guy that is controlling what they see.
It should be noted that 1.5.0.x will only receive security and stability updates until 24 April 2007, then you’re on your own.