Language Selection

English French German Italian Portuguese Spanish

Mozilla offers temporary fix for Firefox flaw

Filed under
Moz/FF

Responding to the disclosure of a serious Web browser flaw, the Mozilla Foundation offered on Friday a temporary fix to protect Firefox and Mozilla users.

The downloadable fix protects against attacks that take advantage of a new, unpatched flaw that could let attackers secretly run malicious software on users' PCs. The flaw was disclosed late Thursday by security researcher Tom Ferris, sending Mozilla staff into damage-control mode.

"This is a temporary work-around just to deal with the immediate issue," Schroepfer said. "We're working on a future release in which we will actually fix the problem and re-enable the IDN feature." Switching off IDN support impacts a subset of Firefox and Mozilla users who actually use such special domain names, he said.
Though there is no known attack that takes advantage of the flaw, Mozilla advises Firefox and Mozilla users to disable IDN. "Luckily we do not have any known use of this exploit, but it is fairly critical if there were to be (an attack), so this is a recommended download," Schroepfer said.

In addition to the downloadable fix, Mozilla on its Web site also offers instructions to manually disable IDN: Type "about:config" in the address bar, hit Enter; type "network.enableIDN" in the filter toolbar, hit Enter; right-click the "network.enableIDN" item and select Toggle to change value to false.

Full Story.

More in Tux Machines

KaOS 2015.02 Distro Brings a Unique, Pure KDE Plasma 5 Experience - Screenshot Tour

The KaOS development team was proud to announce on February 24 the immediate availability for download of the KaOS 2015.02 Linux kernel-based operating system for personal computers and laptops. This is the first ever release of the KaOS Linux distribution with the next-generation KDE Plasma desktop environment, powered by the latest KDE Frameworks 5 technology. Read more

Snowden's favourite Linux - Tails - rushes sec-fix version to market

The developers want to kill off the previous version, Tails 1.2.3, as soon as possible, with a list of 14 security issues covering everything from the Tor browser and its network security services (NSS) through to a sudo privilege escalation bug. Read more

5 specialized Linux distributions for computer repair

Computers are incredible tools that let users doing amazing things, but sometimes things go wrong. The problem could be as small as accidentally deleting files or forgetting a password—and as major as having an operating system rendered non-bootable by file system corruption. Or, worst case scenario, a hard drive dying completely. In each of these cases, and many more like them, there are specialized tools that can aid you in fixing problems with a computer or help you be prepared for when something bad does happen. Read more

How To Install League Of Legends Game On Linux

League of Legends (LoL) is a 2009 multiplayer online battle arena video game developed and published by Riot Games for Microsoft Windows and Mac OS X. It is a free-to-play game that is supported by micro-transactions and inspired by the mod Defense of the Ancients for the video game Warcraft III: The Frozen Throne.

 

Read at LinuxAndUbuntu