Internet Explorer and Firefox Beset by Bugs
Internet Explorer and Firefox Beset by Bugs
December 18, 2008: Both Microsoft and Mozilla are pushing out emergency patches for browsers this week in the wake of serious flaws surfacing in Internet Explorer and Firefox.
Firefox will see eight updates this week, with three of the open source browser’s patches pegged as critical. Two of these potentially enable a malicious user to execute cross-scripting attacks where one application sends commands to another, while the other could cause instability as well as further vulnerability to attaks.
While Firefox is getting the most fixes, Internet Explorer has received the sharper end of the stick, with a flaw so serious that security researchers have recommended that users switch to a new browser until the flaw, which appears in IE7 and earlier versions, is resolved.
Microsoft has described the flaw as “remote code execution”, saying that data binding bugs could allows hackers access to a computer's memory and remotely execute malicious code as IE crashes.
The emergency patch will be available from 1pm EST. A separate patch for IE8 Beta 2 will also be made available.
Comment on this story