Mozilla slaps temp patch on Firefox

Mozilla Corp. on Tuesday updated Firefox to block attacks targeting a vulnerability in Apple's QuickTime that a frustrated British security researcher reported more than a year ago.

Last Thursday, Petko Petkov, a U.K.-based Web application penetration tester, posted exploit code for a bug in Apple Inc.'s QuickTime media player. The bug, which Petkov first disclosed in September 2006, lets attackers run script commands on systems equipped with Firefox or earlier and gives them a way to completely compromise machines. Petkov posted attack samples last week after he'd contacted Apple twice in 2006 without receiving a reply.

In announcing the update today, Mozilla's chief of security, Window Snyder, bragged about her company's fast response time. Mozilla slaps temp patch on Firefox

Linked by shanmuga Wednesday, 19th September 2007 11:30PM