Navigator users vulnerable to web attacks

A serious and, at the time of writing, unfixed bug in Netscape Navigator means that home computers are open to attack simply if users are unlucky enough to visit a website containing malicious code.

A serious and, at the time of writing, unfixed bug in Netscape Navigator means that home computers are open to attack simply if users are unlucky enough to visit a website containing malicious code.

The problem emerged following the posting on the internet of code, dubbed Brown Orifice by its developer Dan Brumleve, which exploits a vulnerability in the browser software that allows an attacker to view the contents of a user's hard drive.

Netscape has not yet made a patch available to address the problem, and experts have advised that the only effective interim defence is to turn off Java support in Navigator.

Microsoft has also come under fire for security holes in Internet Explorer in recent months, although it has been quick to release patches that limit the browser's functionality.

The company was also criticised for not supporting industry standards in the latest version of Internet Explorer, and its download utility came under fire as it left PCs open to hackers and viruses.