Patch/Configuration Management, Vulnerability Management

Mozilla fills Pwn2Own Firefox hole

Mozilla has fixed a Firefox vulnerability revealed at last week's Pwn2Own hacker contest, part of the CanSecWest conference in Vancouver, British Columbia. The memory corruption flaw, exploited by a researcher known as Nils, was discovered in the latest version of the web browser. It was patched with Thursday's release of Firefox 3.6.3, according to an advisory. The remote-code exploit only affects Firefox 3.6, but Mozilla soon plans to patch version 3.5, in case the vulnerability can be "triggered" in that installment as well. — DK

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.