Navigator update stamps out bug

Netscape posts a new version of its browser in an effort to squash a privacy bug.

Paul Festa Staff Writer, CNET News.com
Paul Festa
covers browser development and Web standards.
Paul Festa
Netscape Communications today posted a new version of its popular Web browser in an effort to squash a privacy bug.

The Navigator security hole, which surfaced last week, lets a malicious Web site operator write a JavaScript exploit that would reveal the cache or surfing history of a visitor's computer. JavaScript is a scripting language created by Netscape that is unrelated to Sun Microsystems' Java programming language. Developers use it to create pop-up windows, forms, and other Web features.

Netscape advised users to set the size of their browser cache--where copies of recently accessed Web files are stored to minimize time spent accessing the network--to zero to plug the hole temporarily, pending a fix.

Users today can get Navigator 4.07 via Netscape's FTP site.

Tomorrow Netscape will make the update available from the download page on Netcenter, the company's portal site, according to Micki Seibel, senior product manager for Communicator. Communicator is Netscape's Internet software suite of which Navigator is the Web browsing component.

As of today, Netscape had not heard of any instances of anyone having their browser cache compromised, Seibel said.