Temporary workarounds for the most recent bug in Firefox and Mozilla browsers include both manual and automated fixes.
Mozilla Corp. has posted temporary workarounds for the most recent bug in its Firefox and Mozilla browsers that include both manual and automated fixes.
On Friday, just hours after Mozilla released the long-awaited Beta 1 of Firefox 1.5, a researcher posted information and proof-of-concept code for a vulnerability that could let attackers gain complete control of a PC simply by enticing users to a malicious Web site.
"We’re looking into the problem," said Mike Schroepfer, Mozilla's director of engineering, on Friday in an interview, "and we'll respond with a patch as quickly as possible."
Although the fix Mozilla posted wasn't a patch per se, it does eliminate the vulnerability in the browser's support for international domain names, (IDN). Users can either follow the directions for manually disabling IDN posted on the Mozilla site, or download and install a small patch which makes the changes.
"IDN functionality will be restored in a future product update," promised Mozilla in the patch alert.
"This is obviously an unsatisfactory solution in the long term and it is hoped that a better fix can be developed in time for Firefox 1.1," said Mozilla in a statement back in February. (The "Firefox 1.1" tag was later dropped in favor of version 1.5, which released in beta form on Friday.)
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.