eWeek reports in this article of a security exposure in Mozilla’s Mozilla, Firefox, and Thunderbird clients wherein a malicious user can cause arbitrary code execution by using the shell: protocol. You can download Mozilla 1.7.1, Firefox 0.9.2, and Thunderbird 0.7.2.