Firefox flaw faked
One of the researchers who claimed to have found a major flaw in Firefox at the ToorCon hacking conference has admitted he made it all up.
‘The main purpose of our talk was to be humorous,’ he wrote.
‘As part of our talk we mentioned that there was a previously known Firefox vulnerability that could result in a stack overflow ending up in remote code execution. However, the code we presented did not in fact do this, and I personally have not gotten it to result in code execution, nor do I know of anyone who has.’
Security experts around the world have been trying to replicate the flaw ever since it was announced and Mozilla say they are still investigating to see if there are any unreserved security issues.
‘Even though Mischa hasn’t been able to achieve code execution, we still take this issue seriously,’ said Mozilla’s security chief Window Snyder
‘We will continue to investigate.’