This week in security

To reduce the confusion caused by the different names security companies give worms, viruses and other pests, the U.S Computer Emergency Readiness Team next month plans to take the wraps off the Common Malware Enumeration initiative.

The project assigns a unique identifier to a particular piece of malicious software. When included in security software, alerts and virus encyclopedia entries, this identifier should help people determine which pest is hitting their systems and whether they are protected, the initiative's backers said.

Meanwhile, Mozilla has released an update to Firefox to fix several serious security flaws, including a recently disclosed bug that could let attackers secretly run malicious software on PCs.

Firefox 1.0.7 was issued late Tuesday, a Mozilla representative said. A new Mozilla Suite 1.7.12, containing the affected Mozilla Web browser and other tools, was to follow by the end of the week.

In other Mozilla news, a report from security vendor Symantec found that Mozilla Web browsers are potentially more vulnerable to attack than Microsoft's Internet Explorer, but hackers are still focusing their efforts on IE.

Some readers were a bit skeptical of the findings. Jay Talbot, for example, read through the report and said it was incomplete because it only looked at "vendor confirmed" vulnerabilities.

"We all know how M$ doesn't like to hang their dirty laundry out for everyone to see, at least until it's too late," he wrote. "Just because more vulnerabilities are caught, and repaired, doesn't make a piece of software insecure. What makes it insecure are the ones that aren't caught in time, and it's too late."

Symantec, which has agreed to acquire privately held WholeSecurity, also reported this week that more computers in the Asia-Pacific region are being hijacked and used remotely by hackers to send viruses.