Mozilla has fixed two critical flaws in its Firefox browser, two weeks after security researchers first started posting code that showed how the flaws could be exploited in attacks. The flaws allowed Internet Explorer to parse data through to Firefox which would then launch programs without authorisation.
Microsoft and Mozilla were at odds over who was to blame. Mozilla had insisted that the exploits would not work on Firefox alone. However, last week Mozilla's security chief Window Snyder conceded that she had been wrong. "We thought this was just a problem with IE. It turns out, it is a problem with Firefox as well," she said in a blog posting. "We should have caught this scenario."
Comment on this article: [email protected]