Language Selection

English French German Italian Portuguese Spanish

Mozilla offers temporary fix for Firefox flaw

Filed under
Moz/FF

Responding to the disclosure of a serious Web browser flaw, the Mozilla Foundation offered on Friday a temporary fix to protect Firefox and Mozilla users.

The downloadable fix protects against attacks that take advantage of a new, unpatched flaw that could let attackers secretly run malicious software on users' PCs. The flaw was disclosed late Thursday by security researcher Tom Ferris, sending Mozilla staff into damage-control mode.

"This is a temporary work-around just to deal with the immediate issue," Schroepfer said. "We're working on a future release in which we will actually fix the problem and re-enable the IDN feature." Switching off IDN support impacts a subset of Firefox and Mozilla users who actually use such special domain names, he said.
Though there is no known attack that takes advantage of the flaw, Mozilla advises Firefox and Mozilla users to disable IDN. "Luckily we do not have any known use of this exploit, but it is fairly critical if there were to be (an attack), so this is a recommended download," Schroepfer said.

In addition to the downloadable fix, Mozilla on its Web site also offers instructions to manually disable IDN: Type "about:config" in the address bar, hit Enter; type "network.enableIDN" in the filter toolbar, hit Enter; right-click the "network.enableIDN" item and select Toggle to change value to false.

Full Story.

More in Tux Machines

Open-Source Chat Platform Scrollback Raises $400,000 Seed Round

Scrollback, a free open-source chat platform for online communities, has raised $500,000 Singaporean dollars (about $400,000) led by Jungle Ventures, with participation from Singapore’s National Research Foundation, Crystal Horse Investments, Singapore Angel Network, Roland Turner, and other angel investors. Read more

An open source Christmas with Kano

So this season, what every open sourc-erer wants might just be Kano, a computer kit that comes will all the functions needed to build it and learn to code afterwards. Read more

Particulate sensor developed using open source approach

A New York based start up company has used an open source approach, as well as funding from Kickstarter, to develop AirBeam – a handheld sensor which determines the concentration of particles in the air measuring 2.5µm or less. [...] The AirCasting app and website code is available on GitHub as open source, along with the AirBeam firmware and electronic schematics. The STL files for 3D printing the AirBeam and LiteBeam enclosures can be downloaded from www.shapeways.com. Read more

Brocade relying on open source and 'natural tension' for growth

In line with this prediction, Brocade has been working towards changing its business tactics from being known as a hardware enterprise storage provider to also becoming an additional player in the software-defined network market — one in which rival Cisco has also been dipping its toes. Read more