Here is an interesting story, it appears that there is a virus that has Internet Explorer launching Firefox, which installs the payload.
If Firefox encounters the payload directly, it will stop it cold, but when it’s passed along by IE, not so much.
This virus probably has a couple more weeks life, just because Mozilla and Microflaccid are busy finger pointing. Clever idea this.
The saying about success having many parents but failure being an orphan seems fitting here. Window Snyder, who heads security at Mozilla, wrote today (http://blog.mozilla.com/security/2007/07/10/security-issue-in-url-protocol-handling-on-windows/) that Mozilla developers will patch Firefox so it no longer accepts bad data from IE. But she stressed that only people browsing with the Microsoft browser were vulnerable to the attack.
“We recommend that people use Firefox and as always take care when browsing unknown websites,” she wrote.
For its part, Microsoft representatives said company researchers have “investigated the claim of a vulnerability in Internet Explorer and found that this is not a vulnerability in a Microsoft product.” Jesper Johansson, a former senior security strategist for Microsoft, similarly argues that “most definitely” the problem isn’t caused by IE.