The flaw, known as the "shell" exploit, was publicized Wednesday on a security mailing list, along with a link to a fix for the problem. Updated versions of the affected software programs, which include the Mozilla, Firefox and Thunderbird browsers, have been released. Developers said the flaw affects only Windows users, not computers running the Macintosh and Linux operating systems. . . .
The flaw, known as the "shell" exploit, was publicized Wednesday on a security mailing list, along with a link to a fix for the problem. Updated versions of the affected software programs, which include the Mozilla, Firefox and Thunderbird browsers, have been released.

Developers said the flaw affects only Windows users, not computers running the Macintosh and Linux operating systems. Like recent Internet Explorer vulnerabilities, this flaw only allows the attacker the ability to run an existing program and requires that security problems in other applications be exploited to gain further access.

The flaw can be used to pass a file extension to the operating system. Windows XP will then run the helper application corresponding to that file extension. The main threat comes from the ability of an attacker to pass parameters to exploit vulnerabilities in a specific helper application, which could give an outsider access to the system. A shell problem could also cause the computer to freeze.