Responding to the disclosure of a serious Web browser flaw, the Mozilla Foundation offered on Friday a temporary fix to protect Firefox and Mozilla users.

The downloadable fix protects against attacks that take advantage of a new, unpatched flaw that could let attackers secretly run malicious software on users' PCs. The flaw was disclosed late Thursday by security researcher Tom Ferris, sending Mozilla staff into damage-control mode.

The problem has to do with the way the Firefox and Mozilla browsers handle International Domain Names, or IDNs, said Mike Schroepfer, director of engineering at Mozilla. IDNs are domain names that use local language characters. The fix disables support for such Web addresses, he said.

http://news.com.com/Mozilla%20offers%20temporary%20fix%20for%20Firefox%20flaw/2100-1002_3-5857511.html?part=rss&tag=5857511&subj=news
Mozilla offers temporary fix for Firefox flaw | CNET News.com

CNET's download link didn't go anywhere for me so here's a link to the download just in case...

https://addons.mozilla.org/messages/307259.html
What Firefox and Mozilla users should know about the IDN buffer overflow security issue

Hi Egaladeist,

Thanks for the link. I liked the option to manually configure the workaround. It got me to dig some deeper into Firefox and improve my knowledge level that way.

Cheers,

BrainStop

BrainStop... everyone always says that open source is so great because you can just make the changes you want... so why don't you just fix the problem yourself and screw the workaround crap? ;)

cheers,

catch