Firefox flaw gets temporary fix

By Derek Sooman on September 14, 2005, 6:08 PM
In the aftermath of the exposure of a serious Web browser flaw in Firefox, the Mozilla Foundation is offering a temporary fix for the issue. The flaw, which was disclosed late Thursday by security researcher Tom Ferris, could let attackers secretly run malicious software on users' PCs, and arises from the way the Firefox and Mozilla browsers handle International Domain Names, or IDNs. IDNs are domain names that use local language characters, and the fix is basically to disable support for this.

"This is a temporary work-around just to deal with the immediate issue," Mike Schroepfer, director of engineering at Mozilla, said. "We're working on a future release in which we will actually fix the problem and re-enable the IDN feature." Switching off IDN support impacts a subset of Firefox and Mozilla users who actually use such special domain names, he said.




Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.