Mozilla Firefox 1.0.7, a security and stability update to the flagship Mozilla browser, is now available for download. Fixes are included for the international domain name (IDN) link buffer overflow vulnerability and the Linux command line URL parsing flaw. There are also other security and stability changes, including a fix for a crash experienced when using certain Proxy Auto-Config scripts. In addition, some regressions introduced by previous 1.0.x security updates have been resolved.

The Mozilla Foundation previously issued a patch for Firefox 1.0.6 that protected users against the IDN link buffer overflow flaw at the expense of removing support for IDNs. Firefox 1.0.7 has a more permanent solution that does not involve disabling IDN functionality and any users who installed the patch will find that IDN support is restored when they upgrade.

Firefox 1.0.7 can be downloaded from the Firefox product page or the Firefox 1.0.7 directory on The Firefox 1.0.7 Release Notes have more details about this upgrade and we expect the Mozilla Foundation's list of known security vulnerabilities to be updated soon.

An equivalent update to the Mozilla Application Suite, Mozilla 1.7.12, is expected shortly.