patch

A serious browser vulnerability, but whose?

serious vulnerability that causes Internet Explorer to launch Firefox and execute a malicious payload is sparking debate about exactly who is responsible for the flaw.

The vulnerability, which was widely reported on security blogs, allows an attacker to remotely execute malicious code on a machine that is running IE but also has the Mozilla browser installed. By luring an IE user to a malevolently crafted site, the attacker can cause Firefox to execute the code without first vetting it for security.

Whose to blame? Perhaps both? Either way, if it weren't dangerous, it would be quite funny.

Full Story