Friday, 20 June 2008

Firefox 3 Vulnerability

Firefox 3 gets released and becomes the most downloaded program ever (8 million or so downloads in the first day). Mozilla is understandably very happy about this. However, just hours later, a security flaw is uncovered by security firm TippingPoint and submitted to Mozilla for fixing. So embarrassment all round.

Except, being the cynic I am and knowing how I would do things, I bet TippingPoint found this bug out in the open source code during the round of beta testing, but held back on submitting it. This way, they could make quite a name for themselves on the web by being the first to uncover a vulnerability in the new web browser. Very clever. It's exactly what I would have done, too.