Window Snyder, Mozilla security chief, told SCMagazine.com today that one of the reported flaws has been fixed, while the other can not be confirmed as a vulnerability yet.
One flaw, reported on the Bugtraq mailing list, had already been fixed in earlier versions of Firefox, she said.
Mozilla had not been given enough information on the other, which was said to be exploited in cross-site scripting attacks and cyberscams, said Snyder.
"We appreciate all of the security research," she said. "It does turn up real issues sometimes. But with these, the first is confusion about a prior bug, and the second one does not look like it's anything right now. So neither of them should be a concern to Firefox users."
Just before Tuesday's Firefox 2.0 release, Snyder told SCMagazine.com that the update's most significant security feature is its anti-phishing technology.
Earlier this week, two flaws were discovered for IE7 hours after its release to the general public. One flaw can be exploited during phishing attacks and the other was related to the browser's use of Outlook Express.
Click here to email Frank Washkuch Jr.
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
iTnews Benchmark Security Awards 2025
Digital Leadership Day Federal
Government Cyber Security Showcase Federal
Government Innovation Showcase Federal
Digital NSW 2025 Showcase
_(1).jpg&h=140&w=231&c=1&s=0)
