Comments on: Mozilla releases Firefox security update

Update follows public disclosure of exploit code for two "extremely critical" vulnerabilities in the open-source browser.

[feranick]

not bad!

4 days to get the update?
Not bad at all!

[sanenazok]

yep

That's open source for you. Oh and they didn't get proper notice of the flaw (meaning 30 days).

[pcLoadLetter]

yar

actually 2 days, I have been running 1.0.4 since tuesday.

new update...

...and i've already gotten it

why?
because i spend my whole life worrying about how safe and secure my browser is

i check up on new updates every day
how fast i get it is a matter of life and death
'cause i won't know what to do if anything happens to my comp

perhaps once in a while i'll get a life

[nrlz]

public disclosure

Actually multiple exploits were reported to Mozilla on May 2nd, which was 1 week earlier. But they were kept secret while Mozilla was working on a fix. However, one of those exploits got leaked to the public on May 9th, which is the incident we all know about. Only after this "public disclosure" did Mozilla issue a fix in the form of Firefox 1.0.4 two days later.

So technically it was 9 days with 7 days of secrecy.

Earliest Bug Report: May 2
http://bugzilla.mozilla.org/show_bug.cgi?id=292691

Leaked Bug Report: May 9
http://bugzilla.mozilla.org/show_bug.cgi?id=293302

[M C]

It's almost as if they were working on it...

...before the vulnerabilities hit the "news."

Fantastic!

This is fantastic service! Please put some more extremely critical securiy flaws in your products so we can all be impressed with your fast turn around times.

[amadensor]

Still waiting

Still waiting for my update to IE. Using Win2K. Still out in the cold. I guess Mozilla beat them in that race even though MS had a couple of months head start.

[sanenazok]

Come join usssssss

In using the windows 2000 with spiffy eye candy bloatware. You'll find bliss once you embrace it.

[slapmaxwell]

Yeah, Right...Safe And Secure

How's about that...quite a lot of patches for a browser supposedly so safe and secure.

[hion2000]

Yet another blind critic......

Really, you're showing off your lack of insight.

Nobody said Firefox was secure. Nobody said Firefox was safe. Nobody is safe, and nobody is secure.

I'm guessing you never saw the word "more" when someone mentioned "more secure". Also, if you can read properly, the correct slogan is "SafER, fastER, bettER"

[skiracer712]

Not as many securtiy patches as IE

Or as Safari.

[wazzledoozle]

Why doesnt the Firefox updater work...

I can always check it to see if there are updates, but I can never download them. There has been one called "Saferfox" for a while now. Cant download it though.

Maybe its a bandwidth problem? They should make the updates hosted with bittorrent or some P2P system so that updates can actually be downloaded through Firefox.

[danonneus]

Firefox is better than IE refered to the secure

This the diferent between IE and Firefox, Firefox allway is more secure than IE, and more faster when it is necesary tu repair bugs.


My Firefox home page