Firefox 使用 Anthropic 的 Mythos AI 在 30 天内发现了 20 年之久的错误并修复了 14 个月的问题
Burns Brief
Mozilla 最新的 Firefox 安全更新让我们难得一睹当前沿人工智能功能在攻击者之前到达防御者手中时会发生什么。市场参与者正在仔细权衡其影响,其结果可能取决于更广泛的宏观条件和数量。留意成交量确认——突破平均成交量将表明趋势可能会持续。
Mozilla’s latest Firefox security update provides a rare glimpse into what happens when frontier AI capabilities reach defenders before attackers. The company said it fixed 423 Firefox security bugs in April after gaining access to Claude Mythos Preview, compared with roughly 420 fixes over the previous 14 months. That compression is the signal. The defensive side did in one month what had previously taken more than a year, then disclosed a sample of the bugs to show the depth of latent risk still present inside a mature, heavily tested browser codebase. The strongest anchor is age. One of the disclosed bugs, Bug 2025977 , was a 20-year-old XSLT reentrancy issue in which key() calls could trigger a hash table rehash, free backing storage, and leave a raw entry pointer in use. Another, Bug 2024437 , involved a 15-year-old flaw in the HTML
Key Takeaways
- Mozilla’s latest Firefox security update provides a rare glimpse into what happens when frontier AI capabilities reach defenders before attackers
- The company said it fixed 423 Firefox security bugs in April after gaining access to Claude Mythos Preview, compared with roughly 420 fixes over the previous 14 months
- One of the disclosed bugs, Bug 2025977 , was a 20-year-old XSLT reentrancy issue in which key() calls could trigger a hash table rehash, free backing storage, and leave a raw entry pointer in use
- Another, Bug 2024437 , involved a 15-year-old flaw in the HTML
- Mozilla said Claude Mythos Preview helped identify and fix 271 bugs in the Firefox 150 release , with additional fixes shipped in 149