Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Update: Firefox update will patch CSRF bug, Mozilla says

Gregg Keizer | Feb. 23, 2011
Delayed Firefox 3.6.14, 3.5.17 to ship March 1, fix cross-site request forgery bug that can be exploited via Flash

Firefox will be one of four browsers -- the others are Chrome, Safari and Microsoft's Internet Explorer -- that will be targeted by attackers hoping to walk off with $15,000 or $20,000 in cash. Pwn2Own's rules state that the targeted browsers will be "the latest release candidate at the time of the contest," meaning that researchers will have to tackle Firefox 3.6.14.

Last year, Mozilla confirmed a critical vulnerability in Firefox less than a week before 2010's Pwn2Own, but said it wouldn't fix the flaw until after the contest. Pwn2Own organizers then ruled that hackers would not be allowed to use the vulnerability to exploit Firefox.


Previous Page  1  2 

Sign up for Computerworld eNewsletters.