Firefox Flaw Found and Fixed (Get the Patch) - 1,522 Views,
|
Previous Article « Free Wifi on City Buses - Public Transit Provides Public Transmit
Read Next Article » Video Headstone - Vidstone’s Serenity Panel Celebrates Life, After Death
A critical security flaw in Firefox was disclosed yesterday, and patched today. Now that’s what I call quick service. The flaw in Firefox was a buffer overflow flaw which allowed remote code execution, if exploited, meaning that people could access your system remotely, and run programs and do other nasty things on your computer, all from afar, and without your knowledge. The flaw was discovered by independent security researcher Tom Ferris, who reported the flaw to Mozilla. However, according to a CNet report, Ferris “decided to publicly disclose the flaw after a run-in with Mozilla staff.” “We’d like to make sure that by the time something goes public, we have a solution for the users,” said Mike Schroepfer, a director of engineering at Mozilla, yesterday, explaining that “We believe there is a buffer overflow issue. We are still determining whether it is exploitable by attack.” Today they released a patch for the flaw, along with the following explanation: “On September 6 a security vulnerability affecting all versions of Mozilla Firefox and the Mozilla Suite was reported to Mozilla by Tom Ferris and on September 8th was publicly disclosed. On September 9, the Mozilla team released a configuration change which, as a temporary measure to work around this problem, disables IDN in the browser. IDN functionality will be restored in a future product update. The fix is either a manual configuration change or a small download which will make this configuration change for the user. ” So there you have it. You can get the manual fix, or the patch, for the Firefox flaw here.
Follow Anne on
Twitter 
Friend Anne on Facebook
Firefox Flaw Found and Fixed (Get the Patch)
Twitter Explained in Plain English
Previous Article « Free Wifi on City Buses - Public Transit Provides Public Transmit
Read Next Article » Video Headstone - Vidstone’s Serenity Panel Celebrates Life, After Death
Read more:
» Firefox “Lambda Replace Heap Memory” Security Flaw Reveals Sensitive User Information
» New Critical Internet Explorer (IE) Flaw Involves Msdds.dll
» Windows ActiveX Flaw Still Active After Patch
» Apple Releases New Batch of Patches, Fixes International Domain Names Phishing Flaw in Safari
For additional similar stories check out our archives on Apple & Mac, Security, Windows
NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.
