One of the hackers who demonstrated exploit code for a vulnerability in the way the Firefox browser handles JavaScript admitted today that the presentation last week at a hacker conference was meant to be a joke, according to Mozilla"s chief of security. Mozilla security researchers spent most of Sunday and Monday scrambling to determine whether exploit code revealed during a presentation by hackers Mischa Spiegelmock and Andrew Wbeelsoi at Toorcon over the weekend could allow someone to execute malicious code through a memory corruption attack on Firefox.
However, Window Snyder, who leads Mozilla"s security team, said Spiegelmock admitted to the company that the presentation was meant to be humorous, and that he and Wbeelsoi had not actually achieved remote execution with the exploit code demonstrated at the show.