The latest updates from Mozilla Firefox and Google Chrome covers flaws that could lead to remote code execution attacks, according to separate advisories issued this week.
The release of the patches -- Firefox 3.6.14 and Google Chrome 9.0.597.107 (all platforms) -- is quite possibly not linked to the Pwn2Own contest, which encourages security researchers to hack into the major browsers but it is typical for software vendors to issue monster patches just ahead of the challenge every year.
This year's contest includes an actual challenge by Google for hackers to attempt to break out of the Chrome sandbox. Google is putting up a $20,000 cash prize for any hacker who can successfully compromise a Windows 7 machine via a vulnerability — and sandbox escape — in Chrome.
Earlier this week, Google shipped a major security makeover that included $14,000 is cash payments to bug finders. This mega-patch covered a total of 18 security holes, most rated "high-risk." Google said it has paid in excess of $100,000 to researchers as part of its bug bounty program.
Separately, Mozilla shipped a new Firefox version to fix the following: