Landon Fuller has posted a gist on GitHub with an explanation of the bug and a binary patch to the affected library.
I read the headline and assumed this would be another story about the TSA's screening procedures...
I hate to be the guy who complains about the headline of a story... but a "web bug" is an image in a web page or HTML email that allows the site owner to track who has visited the page or read the email. This story has absolutely nothing to do with "web bugs". How about "browser bug" instead?
I hate to interrupt a good old-fashioned witch-hunt, but AOL was instrumental in the creation of a little group called the Mozilla Foundation, transferring hardware and intellectual property to them and donating $2 million.
So maybe they're not all bad.