November 1, 2006 12:52 PM PST
Another denial-of-service bug found in Firefox 2
The two "crashers" are the only publicly released vulnerabilities that have been confirmed by Mozilla in the week since Firefox 2 was launched. The issues are only minor, the organization has said.
By contrast, Microsoft's Internet Explorer 7 update suffers from a spoofing flaw, discovered a week after Microsoft released IE 7 on Oct. 18. The vulnerability could help crooks mask phishing scams, the type of attack Microsoft designed the browser to thwart.
According to Secunia, a security monitoring company, there are at least two other vulnerabilities in IE 7. Microsoft has disputed these issues, saying that one reported problem lies in Outlook Express, not IE 7, and the other is a part of the product design, not a flaw.
Release of the new Web browsers set off a race among bug hunters to come up with the first security hole in either program. So far, though, none of the reported flaws could be exploited to hijack a PC running the browser, the most serious type of vulnerability.
1 commentJoin the conversation! Add your comment