Thursday, 08 July, 2004
Firefox Browser Security Fix
If you're running Mozilla or Firefox, head over to mozilla.org and download the patch. Or maybe just upgrade to Firefox 0.9.2. Mozilla announced today that a vulnerability in the Mozilla and Firefox Web browsers allows the execution of arbitrary code in Windows NT, 2000, and XP systems. See this page for more information. My understanding is that the security hole isn't all that bad as it's difficult to trip, but it'd be a good idea to install the patch or updated version just to be safe.
The Open Source community is trying to make points with their discussion of this vulnerability, saying that they were able to identify, discuss, fix, and distribute a patch within 24 hours of discovering the problem. They contrast this with Microsoft's recent one week response to a vulnerability. An interesting read and an impressive achievement, but I could do without all the "rah rah, we're number one" cheerleading. See this NewsForge article for an example.