In Firefox, the vulnerability has been known about for about seven years. The initial discussion on the Bugzilla system concerned whether Zalewski's discovery represented a new bug or whether it was the old bug. It turned out to be the old vulnerability. Microsoft's Internet Explorer also contains the bug, which has, however, been fixed in IE7. Nevertheless, Zalewski has found a new way of diverting keystrokes in IE7 to send files to the internet.
- MSIE / Firefox focus stealing vulnerabilities (for Windows), demonstrations from Michal Zalewski
- Focus change between onKeyDown and onKeyPress..., entry and discussion on Firefox-Bugzilla