Language Selection

English French German Italian Portuguese Spanish

Mozilla offers temporary fix for Firefox flaw

Filed under
Moz/FF

Responding to the disclosure of a serious Web browser flaw, the Mozilla Foundation offered on Friday a temporary fix to protect Firefox and Mozilla users.

The downloadable fix protects against attacks that take advantage of a new, unpatched flaw that could let attackers secretly run malicious software on users' PCs. The flaw was disclosed late Thursday by security researcher Tom Ferris, sending Mozilla staff into damage-control mode.

"This is a temporary work-around just to deal with the immediate issue," Schroepfer said. "We're working on a future release in which we will actually fix the problem and re-enable the IDN feature." Switching off IDN support impacts a subset of Firefox and Mozilla users who actually use such special domain names, he said.
Though there is no known attack that takes advantage of the flaw, Mozilla advises Firefox and Mozilla users to disable IDN. "Luckily we do not have any known use of this exploit, but it is fairly critical if there were to be (an attack), so this is a recommended download," Schroepfer said.

In addition to the downloadable fix, Mozilla on its Web site also offers instructions to manually disable IDN: Type "about:config" in the address bar, hit Enter; type "network.enableIDN" in the filter toolbar, hit Enter; right-click the "network.enableIDN" item and select Toggle to change value to false.

Full Story.

More in Tux Machines

D language, JavaScript

today's leftovers

SUSE Leftovers

  • SoftIron CEO announces new ARM server running openSUSE Leap
    The keynote speaker for the openSUSE Conference today and Chief Executive Officer of SoftIron, Norman Fraser, Ph.D., made a big announcement about the release of a new powerful ARM server that comes with essential tools to get the 64-bit ARM development up and running, out-of-the-box.
  • Watch The Videos From This Year's OpenSUSE Conference
    From 22 to 26 June, the openSUSE Conference has been taking place in Nürnberg. There's been live video streams for those not in Bavaria while now the video recordings are being uploaded for your enjoyment at your convenience.

The Relative Windows vs. Linux Performance For NVIDIA, Intel & AMD

Following the recent Windows vs. Linux AMDGPU-PRO / RadeonSI testing, GTX 1080 Windows vs. Linux results, and yesterday's Intel Windows vs. Linux benchmarks, here is a look at all three sets of numbers when using some OpenBenchmarking.org magic to merge the data-sets and normalize the results. Read more