About browser hacking secrets

One of the hacker conferences also featured a presentation that also revealed to the public code that could exploit one of Firefox’s major security vulnerabilities.

At the ToorCon hacker conference, two speakers gave a presentation on various vulnerabilities in Firefox. During their presentation, Mischa Spiegelmock and Andrew Wbeelsoi also mentioned one of the vulnerabilities in the open source browser for which bug fixes are not yet available. However, the presentation did not resonate seriously because of the mention of this vulnerability, but because the speakers also revealed key details of the code needed to exploit the vulnerability.

Hackers say the vulnerability could be exploited through specially crafted websites. The bug affects Firefox JavaScript handling and is a risk for Windows, Mac OS X, and Linux compatible versions. According to the demonstration, the vulnerability could lead to taking control of the affected computers.

Spiegelmock said almost everyone knows that Internet Explorer is not something secure. However, he also stated that Firefox is almost as vulnerable as Microsoft’s software. According to the hacker, there are currently about thirty vulnerabilities in Firefox that have not been fixed yet, but they do not want to reveal their details.

After watching the presentation, Window Snyder, Mozilla’s chief security officer, acknowledged that the vulnerabilities presented by hackers could indeed pose a risk, so investigations have already begun. The expert expressed his concern, because he said that the presentation also presented solutions that could easily exploit the browser vulnerability. Therefore, until the bug fix is ​​released, many users' computers may be vulnerable to attacks.

According to some reports, Mozilla also offered a cash reward to give Firefox developers access to details of other security vulnerabilities, but the two hackers did not accept the offer.