Language Selection

English French German Italian Portuguese Spanish

Mozilla offers temporary fix for Firefox flaw

Filed under
Moz/FF

Responding to the disclosure of a serious Web browser flaw, the Mozilla Foundation offered on Friday a temporary fix to protect Firefox and Mozilla users.

The downloadable fix protects against attacks that take advantage of a new, unpatched flaw that could let attackers secretly run malicious software on users' PCs. The flaw was disclosed late Thursday by security researcher Tom Ferris, sending Mozilla staff into damage-control mode.

"This is a temporary work-around just to deal with the immediate issue," Schroepfer said. "We're working on a future release in which we will actually fix the problem and re-enable the IDN feature." Switching off IDN support impacts a subset of Firefox and Mozilla users who actually use such special domain names, he said.
Though there is no known attack that takes advantage of the flaw, Mozilla advises Firefox and Mozilla users to disable IDN. "Luckily we do not have any known use of this exploit, but it is fairly critical if there were to be (an attack), so this is a recommended download," Schroepfer said.

In addition to the downloadable fix, Mozilla on its Web site also offers instructions to manually disable IDN: Type "about:config" in the address bar, hit Enter; type "network.enableIDN" in the filter toolbar, hit Enter; right-click the "network.enableIDN" item and select Toggle to change value to false.

Full Story.

More in Tux Machines

OMG! GNU/Linux @ Walmart.com, sort of…

Remember the netbooks with GNU/Linux at Walmart, years ago? Read more

Confessions of an open source purist

I have also repeatedly evaluated GNU/Linux as a platform for my daily writing and administration. Each time, I’ve found it fairly easy to install (moreso every time I try) and easy to add applications. I’ve never had problems with malware, but at some point in the life of the system, a problem arises that at best causes an inconvenience (like the sleep mode failing) and at worst leaves the system impossible to boot. Read more

Healthcare one of the most impacted industries by open source

Healthcare is one of the most urgent socioeconomic issues of our time. This year, Opensource.com saw a variety of news and feature stories about applying the open source way and open source software (including tools) to alleviating the many problems faced by the healthcare industry. Here are this year's best of the best from Opensource.com in open health. Read more

The Open Bay helps launch 372 ‘copies’ of The Pirate Bay in a week, becomes GitHub’s most popular project

isoHunt, the group now best known for launching The Old Pirate Bay, has shared an update a week after debuting The Open Bay. The Pirate Bay, the most popular file sharing website on the planet, still isn’t back following police raids on its data center in Sweden, but its “cause” is very much alive. The Open Bay, which lets anyone with “minimal knowledge of how the Internet and websites work” deploy their own version of The Pirate Bay online, is becoming an open source engine of The Pirate Bay website, the group told VentureBeat in an email. “The fate of Open Bay is now in the hands of worldwide community.” Read more