25 February 2007

Oops, update your FireFox again

There will be another update release after 2.0.0.2, since our dear Polish enbugger, Michael Zalewski, has turned up a remotely exploitable bug.

It’s good to see these vulnerabilties being fixed early in the cycle, as this means far fewer updates will be needed down the track. I imagine that updating things like public Internet kiosks could work out to be a bit of a pain, for example.

It’s also encouraging to see that the vast majority of oopses turn out to be difficult to exploit, very few show-stoppers along MSIE’s historical lines.

No comments: