Alleged 'Unfixable' Exploit in Firefox
An overflow of stories concerning an alleged Firefox 1.5 exploit hit the Web over the weekend, emerging from an underground users' conference in San Diego. But after the dust has begun settling, evidence of the exploit's severity and even existence has yet to materialize from official sources, including the Mozilla organization responsible for Firefox's development.
There, amid the presumed innuendo, new Mozilla security chief Window Snyder -- a former @stake researcher recently hired away from Microsoft -- reportedly took seriously a video of the exploit shown at the conference, although reports do not go so far as to say whether Mozilla officials consider the exploit to be particularly novel.
In any event, characterizations of the apparently uniquely prepared exploit as "unpatchable" have spread faster than the average zero-day, without the aid of a professional security advisory to push it along.
BetaNews has contacted Mozilla.org officials for comment on the alleged flaw, which may yet be forthcoming.