Mozilla released an emergency update less than two days after it received reports of a flaw in its Firefox browser. To patch the security flaw, Mozilla issued Firefox 3.6.12 and Firefox 3.5.15 to counter the malware that had been planted on the Web site of the Nobel Peace Prize.

The company earlier admitted to the vulnerability through a blog post in its Web site. The vulnerability was said to be present in Firefox 3.6 and 3.5 for Windows, Linux and Mac OS X.

In Mozilla's blog post, Daniel Veditz, a security engineer for Firefox, assured users that the still-unreleased Firefox 4 did not contain the flaw.

"Firefox 4 beta users appear safe for the moment... The underlying problematic code does exist, but other code changes since Firefox 3.6 seem to be shielding us from the vulnerability," Veditz said.

Morten Kråkvik from Telenor SOC is credited for reporting the vulnerability. Visitors of the Nobel Peace Prize Web site were forwarded to a server from Taiwan. The Javascript-based flaw plants Trojan horses on Windows PCs. When successful, the Trojan could hijack the PC to give hackers control.