Firefox 3 vulnerability
posted Jun 18th 2008 9:50pm by Eliotfiled under: firefox hacks, security hacks
TippingPoint’s Zero Day Initiative reported a critical vulnerability affecting Firefox 3.0 yesterday. It includes the 2.0 versions as well. It’s unreleased and Mozilla is working on a fix already. Whatever the exploit is, it does require the user to visit a malicious site or click a link to executed. It came in 5 hours after the FF3 release, but since it affects previous versions, we wonder if the researcher was just sitting on it to be first. The Zero Day Initiative pays researchers for the exploits they submit.
I love how MS always has those excuses, and now mozilla too it seems, ‘you are only affected by this hole in the browser if you visit sites’, yeah right, that’s comforting and a perfect excuse.