Language Selection

English French German Italian Portuguese Spanish

Mozilla offers temporary fix for Firefox flaw

Filed under
Moz/FF

Responding to the disclosure of a serious Web browser flaw, the Mozilla Foundation offered on Friday a temporary fix to protect Firefox and Mozilla users.

The downloadable fix protects against attacks that take advantage of a new, unpatched flaw that could let attackers secretly run malicious software on users' PCs. The flaw was disclosed late Thursday by security researcher Tom Ferris, sending Mozilla staff into damage-control mode.

"This is a temporary work-around just to deal with the immediate issue," Schroepfer said. "We're working on a future release in which we will actually fix the problem and re-enable the IDN feature." Switching off IDN support impacts a subset of Firefox and Mozilla users who actually use such special domain names, he said.
Though there is no known attack that takes advantage of the flaw, Mozilla advises Firefox and Mozilla users to disable IDN. "Luckily we do not have any known use of this exploit, but it is fairly critical if there were to be (an attack), so this is a recommended download," Schroepfer said.

In addition to the downloadable fix, Mozilla on its Web site also offers instructions to manually disable IDN: Type "about:config" in the address bar, hit Enter; type "network.enableIDN" in the filter toolbar, hit Enter; right-click the "network.enableIDN" item and select Toggle to change value to false.

Full Story.

More in Tux Machines

News about the migration to ODF in Taiwan

The migration of ODF keeps going in many different fields in Taiwan. Since 2016 the Ministry of Education in Taiwan entrusts the Information Service Association of Chinese Colleges (ISAC) and Software Liberty Association Taiwan (SLAT) with the task of promoting and migrating ODF/LibreOffice in universities in Taiwan. Among all the university, National Chi-Nan University (NCNU) is the earliest one, which started migrating LibreOffice since 2014 and has been working on it for three years. Then on April 20, 2017, a student from NCNU posted an article on Dcard forum saying that, according to her teacher, NCNU “Will not use Microsoft Office anymore due to the budget issue. LibreOffice will be used to replace Microsoft Office.” The student strongly questioned, “LibreOffice is totally unknown to everyone. I don’t know what the administrative staffs of our school are thinking about. Microsoft’s software is a very basic skill for enterprises to recruit people. This decision will make students lost their core competitiveness.” Read more

Phoronix on Graphics

NVIDIA GeForce GTX 1080 Ti: Windows 10 Creators Update vs. Ubuntu Linux Gaming

Earlier this week I posted some fresh AMD Radeon Windows vs. Linux gaming benchmarks using the newly-released Windows 10 Creator Update and Ubuntu 17.04. For your viewing pleasure today are some fresh NVIDIA Windows vs. Linux benchmarks using a high-end GeForce GTX 1080 Ti graphics card. Read more

Bits from the Debian Release Team: release update

We're approaching the final sprint towards Debian 9 "stretch". If you're still planning a BSP for stretch, now is the time to get it organised! Read more