Slashdot Mirror


Security Researcher Finds Hundreds of Browser Bugs

An anonymous reader writes "PC Magazine reports on a very understated late night post to the full-disclosure mailing list, in which security researcher Michal Zalewski shared a fuzzing tool reportedly capable of identifying over a hundred browser bugs. Some of these bugs, he says, may be already known to third parties in China. The report also includes an account of how browser vendors fared fixing these flaws so far. Not surprisingly, Microsoft's response timeline appears depressing."


  1. Re:Pass the salt please by MathFox · Score: 2, Interesting

    It depends on the exact bug that is triggered. When a security researcher mentions "potentially exploitable bug" it could be serious. Very often a memory corruption is a first step into more serious exploits.

    --
    extern warranty;
    main()
    {
    (void)warranty;
    }
  2. Hard to get reproducible results by Anonymous Coward · Score: 2, Interesting

    FTFA: The design of the fuzzer makes it unexpectedly difficult to get clean,
    deterministic repros; to that effect, in the current versions of all the
    affected browsers, we are still seeing a collection of elusive problems when
    running the tool - and some not-so-elusive ones.

    This might help explain at least part of the difficult communication with Microsoft.

    1. Re:Hard to get reproducible results by Stratoukos · Score: 3, Interesting

      This might help explain at least part of the difficult communication with Microsoft.

      But not Mozilla, the Webkit team and Opera?

      --
      It may be 7 digits, but at least it's a semiprime
  3. Re:Terrific Research, But... by dgatwood · Score: 4, Interesting

    Why do companies still use MS [Internet] Explorer?

    Momentum. A browser in operation tends to stay in operation unless acted upon by an outside IT consultant.

    --

    Check out my sci-fi/humor trilogy at PatriotsBooks.