On Wed, 19 Sep 2001, Erik Curiel wrote:
> Wow, check it out, this is a *serious* fuckup on M$'s part---I've never
> seen a security flaw in a browser before that allowed arbitrary code to be
> run simply by hitting a web page with Javascript activated in its configs.
Both IE and netscape have *tons* of those, and the unstable releases of
mozilla are probably almost as bad - remember, there's probably an exploit
for most of the ways of making it crash. The only reason IE was targeted
specifically is that it's at a stable version across many machines and is
the most popular browser.
-Bram Cohen
