Language Selection

English French German Italian Portuguese Spanish

Mozilla offers temporary fix for Firefox flaw

Filed under
Moz/FF

Responding to the disclosure of a serious Web browser flaw, the Mozilla Foundation offered on Friday a temporary fix to protect Firefox and Mozilla users.

The downloadable fix protects against attacks that take advantage of a new, unpatched flaw that could let attackers secretly run malicious software on users' PCs. The flaw was disclosed late Thursday by security researcher Tom Ferris, sending Mozilla staff into damage-control mode.

"This is a temporary work-around just to deal with the immediate issue," Schroepfer said. "We're working on a future release in which we will actually fix the problem and re-enable the IDN feature." Switching off IDN support impacts a subset of Firefox and Mozilla users who actually use such special domain names, he said.
Though there is no known attack that takes advantage of the flaw, Mozilla advises Firefox and Mozilla users to disable IDN. "Luckily we do not have any known use of this exploit, but it is fairly critical if there were to be (an attack), so this is a recommended download," Schroepfer said.

In addition to the downloadable fix, Mozilla on its Web site also offers instructions to manually disable IDN: Type "about:config" in the address bar, hit Enter; type "network.enableIDN" in the filter toolbar, hit Enter; right-click the "network.enableIDN" item and select Toggle to change value to false.

Full Story.

More in Tux Machines

LXQt 0.11.0 Desktop Environment Arrives After Almost One Year of Development

After being in development for the past eleven months, the next major release of the lightweight, Qt-based LXQt desktop environment has been officially released and it's available for download. Read more

Antivirus Live CD 20.0-0.99.2 Uses ClamAV 0.99.2 to Protect Your PC from Viruses

Today, September 25, 2016, 4MLinux developer Zbigniew Konojacki informs Softpedia about the immediate availability for download of a new, updated version of his popular, independent, free, and open source Antivirus Live CD. Read more

How to: Install Google Chrome web browser on Ubuntu Linux (and uninstall Firefox)

Ubuntu comes with a lot of quality software pre-installed. Unfortunately, the default web browser, Mozilla Firefox, has been on the decline -- it is slow and clunky. On Linux, Google Chrome is now the top web browser, and it is the best way to experience Adobe Flash content too (if you still need it). Installing Google Chrome on the Linux-based operating system is not totally straightforward. This is unfortunate, as the search-giant's web browser is an important part of having an overall quality experience on Ubuntu. Don't worry, however, as we will help you to both install the wonderful Google Chrome and uninstall the disappointing Mozilla Firefox. Read more

Parsix GNU/Linux 8.10 "Erik" Gets the Latest Debian Security Fixes, Update Now

A few minutes ago, the development team behind the Debian-based Parsix GNU/Linux computer operating system announced that new security fixes are now available for the Parsix GNU/Linux 8.10 "Erik" release. Read more