bill
msg:3678343 | 8:17 am on Jun 19, 2008 (gmt 0) |
Worth waiting for a patch on this one before upgrading?
|
Gomvents
msg:3681184 | 3:46 am on Jun 23, 2008 (gmt 0) |
"...the blog post did say this vulnerability, which also affects Firefox 2..." I'd say upgrade now, I already did and it's great. seems the vulnerability is the same in FF2 and 3 anyways...
|
eriky
msg:3681282 | 8:47 am on Jun 23, 2008 (gmt 0) |
If it requires user interaction it's probably something that won't happen to an experienced web surfer anyway. Just another company that wants some attention at the cost of the reputation of another. Why would they release such information now instead of before the release? The betas and release candidates have been out for months..
|
maximillianos
msg:3681412 | 1:26 pm on Jun 23, 2008 (gmt 0) |
Microsoft is playing dirty! Oh, I guess that does not surprise any of us... ;-)
|
SEOMike
msg:3681507 | 2:44 pm on Jun 23, 2008 (gmt 0) |
| The Zero Day Initiative has been criticized in the past for paying researchers who find vulnerabilities. |
|
Why? It makes sense to pay someone skilled to evaluate software to find a vulnerability.
|
zafile
msg:3681878 | 9:28 pm on Jun 23, 2008 (gmt 0) |
"Microsoft is playing dirty!" Right, as it did in 1999 when it run the SMP Mindcraft tests against Linux. This new fiasco is only Mozilla's fault.
|
whoisgregg
msg:3682611 | 6:13 pm on Jun 24, 2008 (gmt 0) |
| The Zero Day Initiative has been criticized in the past for paying researchers who find vulnerabilities. |
|
Why? It makes sense to pay someone skilled to evaluate software to find a vulnerability. |
|
I imagine the issue here is that it's an independent company paying third parties to find vulnerabilities. It's a bit like your neighbor paying a locksmith to check if you locked all your windows and doors and, if they find one that's open, to rummage around your house to see if you left any valuables laying around.
|
|
