Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Researcher Finds Hundreds of Browser Bugs

Posted by Soulskill on from the going-for-the-gusto dept.

An anonymous reader writes "PC Magazine reports on a very understated late night post to the full-disclosure mailing list, in which security researcher Michael Zalewski shared a fuzzing tool reportedly capable of identifying over a hundred browser bugs. Some of these bugs, he says, may be already known to third parties in China. The report also includes an account of how browser vendors fared fixing these flaws so far. Not surprisingly, Microsoft's response timeline appears depressing."

2 of 145 comments (clear)

  1. Re:Pass the salt please by Rockoon · · Score: 0, Troll

    You will note that the author never states that the 6 month old tool reliably reproduces the bugs in question.

    That would be something that, if true, he would have stated. This is so because the complaint he is facing is that only the newest tool reliably reproduces them, that further that this has been an ongoing complaint about his tool even by other parties besides Microsoft.

    Ergo, its probably false. The tool did not reliably reproduce the bugs in question 6 months ago.

    --
    "His name was James Damore."
  2. It's a big target by BudAaron · · Score: 0, Troll

    At 83 with years of computer experience I can't understand for the life of me why people dislike Microsoft so much. When I was growing up the American dream was to build a business and make it grow like crazy. Bill Gates did exactly that. So to me he represents the culmination of an American dream. That said the main reason Microsoft gets pummeled with exploits is that they are a huge target. Virus writers want to make a name for themselves so they go after the biggest targets. My answer is simple - I use Windows Security Essentials - a free virus tool from MS and I haven't had a virus since I started using it. Many of the commercial anti-virus folks aren't real happy but frankly I don't care. And yes - I do run other tools occassionally to ensure that all is well. You say you don't like Microsoft? I say "fine - no problem - you use whatever floats your boat but stop taking pot shots at MS." You don't need to use it and you don't need to like it. I don't care. I don't take shots at any "...ix" versions. You're welcome to use them or whatever you want. I just happen to love all things Microsoft and get a lot of work done using them. Take pot shots at me if you like - my name is Bud Aaron and you will find me with a simple name search.