Enterprise Software

(in)Security: IE critical browser vulnerabilities and a Firefox quick fix

Sister site ZDNet reports gaping security holes in both Internet Explorer and Firefox today, but there's an unverified report of a quick fix for the Firefox vuln.

Fully-patched, up to date versions of IE6 and IE7 were said to be susceptible to JavaScript hacks, as per a Polish security researcher.

"...the entire security model of the browser collapses like a house of cards and renders you vulnerable to a plethora of nasty attacks," Zalewski warns, noting that local system compromise is also possible.

Other IE6 security holes were also documented, as well as a Firefox 2.0 major problem. However, one respondent claimed the popular NoScript extension to Firefox would abate the risk.

Does this risk make you think twice about using IE? Have you installed the NoScript extension for better security with Firefox? Join the discussion.

Editor's Picks

Free Newsletters, In your Inbox