Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mozilla First To Patch Pwn2Own Browser Vulnerability

Posted by Soulskill on from the comparatively-quick dept.

Constantine the Less writes "Mozilla has released Firefox 3.0.8 to fix a pair of code execution holes that put users of the browser at risk of drive-by download attacks. It includes a fix for one of the flaws exploited during this year's CanSecWest Pwn2Own hacker contest. The update also fixes a separate zero-day flaw disclosed earlier this week on a public exploit site. Both issues are rated 'critical,' Mozilla's highest severity rating."

2 of 141 comments (clear)

  1. Re:And this is a surprise? by drinkypoo · · Score: 4, Insightful

    I also thought that open source had a built in Plan B that if a hole was found, anyone could submit a patch and it would get folded in as soon as it was reviewed and approved.

    That's funny, this is a story about the Open Source browser being patched before every other browser, and you're not seeing a benefit?

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  2. BAH! by iminplaya · · Score: 5, Insightful

    The contestants already have next year's winning exploit waiting in the wings. Maybe we should have these contests every month instead of once a year.

    --
    What?