Mozilla fixes browser vulnerabilities before Microsoft and Apple

Mozilla fixed two Firefox critical vulnerabilities on Friday, including a German student at the Pwn2Own hackers' competition that hacked three browsers.

At the Pwn2Own hacker competition, a 25-year-old computer science student from Germany, Nils, used a browser vulnerability to break IE8 RC on Firefox, Safari, and Windows 7 in Apple's notebook, microsoft and Apple received a $15000 prize. They said they would provide patches to fix the vulnerability in April 1, but Mozilla provided patches in March 27.

Firefox 3.0.8 released last Friday mainly fixed two vulnerabilities. Mozilla rated both vulnerabilities as critical, including the vulnerabilities detected by Nils, Mozilla said, this vulnerability exists in Mozilla's XML User Interface Markup Language XUL. In some cases, "_ moveToEdgeShift" can crash Firefox and "attackers can execute arbitrary code on victim machines ".

Mozilla has locked the Bug tracking and management database Bugzilla. Only authorized users can view details about the vulnerability.

Terri Forslof, security director at TippingPoint, the organizer of the Pwn2Own hacker competition, said Mozilla is faster than its competitors, Microsoft and Apple, in terms of vulnerability fixing as expected, although Microsoft blocked the vulnerability used by Nils to break IE8 RC in the official version, it was not fixed and may still be used to attack Windows XP.

1. The Internet Explorer share has shrunk. Microsoft should launch the Linux version to drive the storm.
2. Mozilla and Khronos cooperative network 3D graphics acceleration technology