Mozilla has released Firefox 3.0.8 to fix a pair of code execution holes that put users of the browser at risk of drive-by download attacks. It includes a fix for one of the flaws exploited during this year s CanSecWest Pwn2Own hacker contest. The update also fixes a separate zero-day flaw disclosed earlier this week on a public exploit site. Both issues are rated critical, Mozilla’s highest severity rating, and are rated ‘critical’ Both issues do not affect Firefox 2, Thunderbird 2, or released versions of SeaMonkey.
Source: https://threatpost.com/firefox-308-fixes-two-code-execution-holes-032709/72542/