Mozilla today released an important security update to Firefox. With sub-version 3.0.8, The browser has been patched for two critical security vulnerabilities, which are all that make it to this release. The first vulnerability, titled "Arbitrary code execution via XUL tree element" could allow attackers to compromise a box by using a browser crash to run arbitrary code. The second one titled "XSL Transformation vulnerability" is where attackers get to use browser crashes caused by XSL stylesheets during XSL transformation, to run arbitrary code. For more information, refer to the Security Advisories page for Firefox. Existing Firefox versions will be updated to version 3.0.8 automatically by default. Firefox 3.0.8 can be downloaded from the Mozilla Website.