Language Selection

English French German Italian Portuguese Spanish

Mozilla offers temporary fix for Firefox flaw

Filed under
Moz/FF

Responding to the disclosure of a serious Web browser flaw, the Mozilla Foundation offered on Friday a temporary fix to protect Firefox and Mozilla users.

The downloadable fix protects against attacks that take advantage of a new, unpatched flaw that could let attackers secretly run malicious software on users' PCs. The flaw was disclosed late Thursday by security researcher Tom Ferris, sending Mozilla staff into damage-control mode.

"This is a temporary work-around just to deal with the immediate issue," Schroepfer said. "We're working on a future release in which we will actually fix the problem and re-enable the IDN feature." Switching off IDN support impacts a subset of Firefox and Mozilla users who actually use such special domain names, he said.
Though there is no known attack that takes advantage of the flaw, Mozilla advises Firefox and Mozilla users to disable IDN. "Luckily we do not have any known use of this exploit, but it is fairly critical if there were to be (an attack), so this is a recommended download," Schroepfer said.

In addition to the downloadable fix, Mozilla on its Web site also offers instructions to manually disable IDN: Type "about:config" in the address bar, hit Enter; type "network.enableIDN" in the filter toolbar, hit Enter; right-click the "network.enableIDN" item and select Toggle to change value to false.

Full Story.

More in Tux Machines

Red Hat Enterprise Linux 7.1 Officially Released with Support for Linux Containers

Red Hat was proud to announce earlier today, March 5, the availability of the first maintenance release of its Red Hat Enterprise Linux 7 operating system for computers, used in numerous enterprises worldwide. Red Hat Enterprise Linux 7.1 contains a great amount of bug fixes and improvements over the previous release, as well as various new features. Read more Also: iSER target should work fine in RHEL 7.1

Help: Linux to the rescue of older operating systems

As you know, when someone offers free stuff, we give it a few weeks in order to give each group, organization or individual in need a chance to respond. That’s what we’ll do with Mary Greenfield’s generous offer to donate free fabric, so give it another week and then we’ll forward responses to her. One of the most rewarding aspects of writing this column is realizing that it generates discussion, and here’s a response to that question about updates for an older computer running Windows ME... Read more

Open source used to manage Figueres’ environment

The Spanish town of Figueres is relying on free and open source software to help manage its urban and natural environment. Fisersa Ecoserveis, an environmental company, is using a range of open source solutions to create, update and manage interactive geographic maps, used for monitoring and planning the city’s green spaces. Read more

I/O-rich SBC runs Linux on Cortex-A9 Sitara SoC

MYIR launched a “Rico” SBC for TI’s Cortex-A9 AM437x SoC, with an open Linux BSP, 4GB of eMMC flash, and coastline GbE, HDMI, and USB host and device ports. Read more