CNET article. (http://news.com.com/Hackers+claim+zero-day+flaw+in+Firefox/2100-1002_3-6121608.html?tag=newsmap) Hackers reveal that Firefox can not handle stack overflow errors when running malicous JavaScript.

It is an illusion to think that Firefox (or any other browser) is secure or more secure than IE. Truth be told it probably has more vulnerabilities than IE and they take longer to be fixed as the browser is free. What gives it the appearance of security is that attackers would rather exploit the vulnerabilities of a MS$ product than one that's not made by them because the exploit will affect more users. (Plus many people just hate MS$.) It's the same with the Linux vs. Windows security debate -- Linux isn't inherently more secure than Windows it's just exploited less. Much less.

Agree about the principal but malware can and does get right to the root of Windows operating systems, whereas it cannot get to Linux kernels. It can get to the data but not to the Linux OS.

I agree when it comes to browsers but I can't imagine anyone saying windows is as secure as unix based OS's

It takes the most talented hackers to crack a linux box but an average joe with a few tools can easily infect a windows machine.

It's been a few years since I was "deep into" the DoD security ratings. What does the NSA give UNIX now a days?

That story was a bit inaccurate :rolleyes: ...

http://developer.mozilla.org/devnews/index.php/2006/10/02/update-possible-vulnerability-reported-at-toorcon/