Researchers successfully demonstrated new security vulnerabilities in all three browsers tested – Firefox, Chrome and IE. At the conclusion of the event we received technical details about the exploit so we could issue a fix.
We received the technical details on Wednesday evening and within less than 24 hours diagnosed the issue, built a patch, validated the fix and the resulting builds, and deployed the patch to users. Our fast turn around time on this security issue is a reflection of the priority and focus we place on security. Security is more than a side item for us, it’s part of our core principles.
We encourage community research within security and started the first major bug bounty program in 2004 for Firefox. Since then we’ve worked closely with experts around the world to help grow and mature security research. All security research and corresponding discoveries are used to proactively protect Firefox users as part of our larger security assurance program.
Find out more about how to get involved in Mozilla’s bug bounty program – http://www.mozilla.org/security/bug-bounty.html
Michael Coates
Director of Security Assurance
Jesse Ruderman
wrote on