Mozilla Fixes Firefox Flaw - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News
News
9/12/2005
01:33 PM
50%
50%

Mozilla Fixes Firefox Flaw

Temporary workarounds for the most recent bug in Firefox and Mozilla browsers include both manual and automated fixes.

Mozilla Corp. has posted temporary workarounds for the most recent bug in its Firefox and Mozilla browsers that include both manual and automated fixes.

On Friday, just hours after Mozilla released the long-awaited Beta 1 of Firefox 1.5, a researcher posted information and proof-of-concept code for a vulnerability that could let attackers gain complete control of a PC simply by enticing users to a malicious Web site.

"We’re looking into the problem," said Mike Schroepfer, Mozilla's director of engineering, on Friday in an interview, "and we'll respond with a patch as quickly as possible."

Although the fix Mozilla posted wasn't a patch per se, it does eliminate the vulnerability in the browser's support for international domain names, (IDN). Users can either follow the directions for manually disabling IDN posted on the Mozilla site, or download and install a small patch which makes the changes.

"IDN functionality will be restored in a future product update," promised Mozilla in the patch alert.

This isn't the first time that problems with IDN has plagued Mozilla's browsers. Earlier this year, IDN support within Firefox was disabled in response to a spoofing vulnerability. IDN support was later turned back on in a follow-up version, however.

"This is obviously an unsatisfactory solution in the long term and it is hoped that a better fix can be developed in time for Firefox 1.1," said Mozilla in a statement back in February. (The "Firefox 1.1" tag was later dropped in favor of version 1.5, which released in beta form on Friday.)

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Slideshows
Top-Paying U.S. Cities for Data Scientists and Data Analysts
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/5/2019
Slideshows
10 Strategic Technology Trends for 2020
Jessica Davis, Senior Editor, Enterprise Apps,  11/1/2019
Commentary
Study Proposes 5 Primary Traits of Innovation Leaders
Joao-Pierre S. Ruth, Senior Writer,  11/8/2019
Register for InformationWeek Newsletters
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll