Gaping Holes In Fully Patched IE7, Firefox 2

Continent1106 writes "Hacker Michal Zalewski has ratcheted up his ongoing assault on Web browser security models, releasing details on serious flaws in fully patched versions of IE6, IE7 and Firefox 2.0. The vulnerabilities could cause cookie stealing, page hijacking, memory corruption, code execution, and URL bar spoofing attacks." Here is Zalewski's post to Full Disclosure.

And Opera

[Constantine+XVI]

No holes for Opera? Oh well...

(sits back in corner with large grin on face)

Re:And Opera

Opera you say?

What about Flock?

[ringfinger]

Anyone have info on how stacks up to IE/FF? http://30days.itious.com/

Re:Go old NoScript

[MightyYar]

I wish NoScript were the default behavior.

Psst... Hey Slashdot, your bias is showing

And once again, Slashdot fails to mention that the exploit does not work if you are using Vista and IE7.

I guess they can't afford to admit how Firefox is old crap, so they keep failing to mention when the one-two punch combo of Vista and IE knocks them on their asses. Again. And again.

Plug it

So, is this the solution? Plug that hole.

Re:Nice Bit of Trolling

[jp10558]

I'm pretty sure that CSS is faster and more efficient (as you don't have to redownload the whole thing every time - and there were several stories that said it would save /. lots of bandwidth charges) for any browser made in the last, what - 7 years?