Critical Firefox flaw exposed
Chicago (IL) - According to media reports, a pair of hackers said on Saturday that the Firefox Web browser, commonly perceived as the safer and more customizable alternative to market leader Internet Explorer, is critically flawed. A presentation on the flaw was shown during the ToorCon hacker conference in San Diego.
UPDATE 10/3/2006 7:08 PM EST: The Firefox exploit that wasn't - Hackers backpedal
Reportedly, Snyder is also understandably upset about the public flow of this information, claiming that the details presented during the conference almost completely show how one could exploit the flaw. "I think it is unfortunate because it puts users at risk, but that seems to be their goal," she said.
Jesse Ruderman, another member on the Mozilla security staff, persuaded hackers to disclose any potential security holes via their "bug bounty" program, instead of maliciously exploiting them for hijacking vulnerable computers. Mozilla's bug-reporting system gives $500 to anyone who reports a vulnerability to the Firefox staff.
Firefox was originally introduced as an alternative to Internet Explorer, the browser that has long been known for easy exploiting and distribution of worms and viruses. Because Microsoft's browser contains such an enormous userbase, it has always remained the main target for hackers. However, Firefox's audience has been growing and it is becoming a viable target for hackers.