@ Yag Kohha: Prove it my friend! It's very easy to say that it's a great bug.

Having a eastern European or Polish name and giving comments in broken English does not make you a Russian/East European black hatter:) (apologies to all hackers!).

VulnDisco could have simply said "we want you to buy our software. Therefore, we refuse to disclose the bug". When did Mozilla ever say that they had the most secure browser?

You too have some crack and be happy:)

Keep trying harder!

Its real bug and really working at xpsp3 vista and w7 (really better than IE aurora), wanna check this - get access to VulnDisco. Mozilla reaction for Legerov alert is too strange. Firefox is most secured browser??? This is a big lie:D Some words about mass FF crash after Legerov alert is too stupid too, Intevydis never exploit founded bugs and dont has blackhats in subscribers list. Please stop to eat psilocybe mushrooms. Be happy.

1) Microsoft gets egg on its face for multiple security holes in IE6,7,8, and whole countries warn their citizens not to use IE at all.

2) Microsoft contacts Legerov, and asks him to try to find a weakness in Firefox, and then publicly and maliciously release any findings he comes up with "for no reason" (besides the $150K cheque he got from his Microsoft friends).

3) Microsoft then effectively points an accusing finger at Mozilla..."see, theirs is no better, people should just stick with good ol' IE.

The fact that their may be nothing whatsoever wrong with Firefox is immaterial. Legerov stirred up FUD according to Microsoft's plan, a job well done, enjoy your money!

Microsoft has played virtually every dirty trick in the book (like bribing whole countries to support OOXML to ISO, or funding SCO to attack their "buddy" Novell) so it should be no stretch that they bribe one or two little hacker dudes to attack open source (which Heir Ballmer hates with a passion).

Just because FF is open source and the source code freely available, doesn't make it an easier target, it just means it's less work to see the code. I'm sure that hackers have no moral problems with breaking MS's EULA and reversing IE's source code.

I disagree - With all the people employed by MS, imagine just as many people have a look at IE as do at firebadger. Who's to say that MS employees aren't selling exploits to hackers - maybe even coding them in the first place!

Because, this is a benefit for hackers to exploit this buffer overflow to attack firefox user who does not know anything. The hacker knew the line in the code which is flawed. Firefox as open source browser is easy to monitor every new release for its source so more vulnerable than Opera and Internet Explorer.