Comments on: Zero-day Firefox vulnerability

By: Huw

Huw — Tue, 03 Oct 2006 18:43:53 +0000

I stand corrected! It appears that MS really is making the effort to give IE7 a great reputation of being secure.

Fortunately, I didn’t actually put any money on it, so my mistake didn’t cost me anything!

By: Nick Fitzsimons

Nick Fitzsimons — Sun, 01 Oct 2006 19:57:28 +0000

Huw: Microsoft released a patch for that vulnerability two days ago. See:
http://blogs.msdn.com/ie/archive/2006/09/29/777193.aspx
for details.

By: Huw

Huw — Sun, 01 Oct 2006 18:53:34 +0000

For the sake of balance, IE7 has a really bad vulnerability which will allow the execution of arbitary code (installing spyware, trojan- whatever) through some vector displaying thing. This is also unpached the moment, although there is a simple command line fix for it.

I would be prepared to put money on Firefox patching the vulnerability before Microsoft patches theirs - even though the MS one was discovered about a week ago.