After much development mozilla finally has decided to release a bug fix for its browser that would repair a long standing security flaw in the software. Mike Schroepfer who is mozilla’s vice president of engineering has said that the current update that will be update 2.0.0.10 has undergoing through much testing and is now gong through the final development stages to make sure that there are no issues with this update.
The quality of the browser will be checked and thoroughly tested by the entire community of mozilla before its release. This flaw was pointed out by Jesse Ruderman but it gained wide spread acknowledgment only after researcher petko petkov had pointed out by writing on his blog about how this flaw can be used to launch a cross site scripting attack against the mozilla browser. This flaw basically lies with the fact that mozilla does not pay much attention in checking files that are compressed using the .jar format that are jave application files. The attackers could use this to their advantage by sneaking in malicious code in the .jar format which would attack an unwary victim. This update will block all chances of that from ever happening.
