Firefox, IE and Chrome hacked at Pwn2Own, Firefox issues secuirty update

eSecurity Planet has the story. Iceweasel in Debian Experimental is still at 19.0-1 a the time of writing, but the update will no doubt be made soon. The vulnerability is critical:

Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.