-{ Quote: "It's unlikely that either Microsoft or Apple will patch their browsers' bugs before Mozilla. Apple, for example, never generates Safari patches within such a short time span. For that matter, neither does Microsoft." }-
Article (http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9130638)

-{ Quote: "Article (http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9130638)" }-
Not really. Assuming you're running Vista, the final release of IE8 was already immune to the exploit used in PWN2OWN 2009.

http://dvlabs.tippingpoint.com/blog/2009/03/27/pwn2own-ie8-exploit-foiled-is-the-browser-finally-secure
-{ Quote: "In summary, it was a narrow miss for Nils! Had the contest started one day later, his exploit would have been foiled by the RTW of IE8." }-

Yes, point taken. However...

-{ Quote: "(If you are a conspiracy theorist, you may ask yourself why Microsoft waited for the final released version of IE8 to break the exploit technique, instead of including it in previous beta updates, as they surely didn’t do it overnight, and not for the benefit of pwn2own!)" }-
To be fair, IE can't be included as they knew about and found a way to mitigate against the exploit technique before the contest started. As pointed out, the patch was already included in the version released the next day.

All this proved was that Mozilla fixed Nil's Firefox bug faster than Apple fixed his Safari bug (both browsers running on a MacBook).

Personally, I don't consider the 'race' by itself of much significance. What's more important and why I posted the article for discussion was the larger question it raised about who fixes their bugs sooner, especially the serious ones.

-{ Quote: "To be fair, IE can't be included as they knew about and found a way to mitigate against the exploit technique before the contest started." }-
Fairness is a wonderful attribute. Unfortunately, it also often has little to do with reality. Microsoft's fix was delivered one day later, Mozilla's in three weeks, and that's all that matters if we want to talk about the race to fix the PWN2OWN bugs. And if Microsoft's one day somehow doesn't make them faster than Mozilla's three weeks, then all I can say is that it's Apple who was "fastest", not Mozilla.

FYI. Mozilla patches Firefox's critical Pwn2Own bug (http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9130701&taxonomyId=17&intsrc=kc_top)

But if you are running IE8 on Win XP, the browser is vulnerable: Hack contest sponsor confirms IE8 bug in final code (http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9130683)
-{ Quote: ""Nils' exploit is only broken when IE8 is running in Windows Vista SP1 or Windows 7," she said. "The vulnerability is absolutely there, so for IE8 on Windows XP, which lacks ASLR and DEP, it can be exploited using commonly known techniques."

Also at risk, said Forslof, are users running IE8 on the browser's Intranet security zone, no matter what operating system is on the machine. "If an organization is compromised, the flaw could still be exploited from the internal network on machines running Windows Vista and IE8," she said." }-

-{ Quote: "And if Microsoft's one day somehow doesn't make them faster than Mozilla's three weeks..." }-
Mozilla released it's patch for this bug (484320) (https://bugzilla.mozilla.org/show_bug.cgi?id=484320) 8-9 days after it was reported to them, a little over a week, not three weeks.

-{ Quote: "...then all I can say is that it's Apple who was "fastest", not Mozilla." }-What are you talking about?