Read the report and get links at

http://news.zdnet.co.uk/security/0,1000000189,39285219,00.htm

Oh Gosh! (and Wow!)

With respect frosty, this isn't big news.

Hardly a day goes by without someone like Secunia announcing the discovery of a theoretical vulnerability in IE, SQL, Access, Outlook, Konqueror or some other major application. Most of these now are proof-of-concept vulns and not practically capable of significant exploitation.

MS, Linux, Sun and Mac continuously release security patches. Linux vulns get picked up pretty quickly because the code is open and is continuously scrutinised, patches appear within days. MS used to be notorious for the thousands of large & small vulns in their closed code, but they do seem to be getting a bit better recently.

Vulns have been around since the original sendmail exploit in '88 and before, I guess they'll always be around.

Most of the 8 FF and T'bird vulns are fairly esoteric and not easy to exploit - and at least they've been patched fairly quickly. BTW it's worth noting that being able to execute arbitrary code on a machine does not mean you've rooted it (unless it's Windows, where everyone runs with admin privileges).

:ok:

unless it's Windows, where everyone runs with admin privileges

Oi!!

Not everybody, Mac

;)

SD

Not knocking them, Mac, I use both.

Posted simply for info of others who might want to get patches.

Yes - thanks to Frostbite for the heads up.