This is a bad week for browser security; not only is Microsoft rushing out an emergency patch tonight, other browser makers are releasing their own updates as well as people worldwide go online to do their Christmas shopping.
Opera released version 9.63 of their browser yesterday, fixing several security issues. The most critical ones allow arbitrary code execution, making these just as critical as the Internet Explorer vulnerability. The Firefox developers have also been busy, pushing out the final update for the 2.0 version of their webbrowser which fixes four critical vulnerabilities, and version 3.0 that has three critical issues.
And to complete the list, Apple included a Safari update in their Mac OS X 10.5.6 release as well (CVE-2008-3170; CVE-2008-4234 can also affect Safari users). This might be a good time to have another look at Chrome; it has security issues as well, but the design philosophy is good (run every tab in a separate security zone), and since it contains relatively few extra’s other than browsing and managing bookmarks, there is less code to check for security problems.