Since all software has bugs, it’s more important to consider how long it takes to get a fix out when a security issue is discovered than it is to count bugs. Number of vulnerabilities identified is a function of how … Continue reading
Posts from June, 2007
The bugs Michael Zalewski posted to full-disclosure yesterday are getting some attention in the press. The information below is intended to provide some clarity on the severity of these issues and how they impact users. Bug 382686 allows the attacker … Continue reading
Mike Shaver and I will be speaking at Blackhat August 1-2, 2007 on Firefox Security. It looks like there will be a number of Mozilla folks in attendance. I hope to see some of you there. Building and Breaking the … Continue reading
Welcome to the Mozilla Security blog. This is the place to come for updates on what is going on with security at Mozilla.