Firefox Flaw Found and Fixed (Get the Patch)
0 (0)

The Internet Patrol - Patrolling the Internet for You
Rate this post!
 

A critical security flaw in Firefox was disclosed yesterday, and patched today. Now that’s what I call quick service.

The flaw in Firefox was a buffer overflow flaw which allowed remote code execution, if exploited, meaning that people could access your system remotely, and run programs and do other nasty things on your computer, all from afar, and without your knowledge.


The flaw was discovered by independent security researcher Tom Ferris, who reported the flaw to Mozilla. However, according to a CNet report, Ferris “decided to publicly disclose the flaw after a run-in with Mozilla staff.”

“We’d like to make sure that by the time something goes public, we have a solution for the users,” said Mike Schroepfer, a director of engineering at Mozilla, yesterday, explaining that “We believe there is a buffer overflow issue. We are still determining whether it is exploitable by attack.”

Today they released a patch for the flaw, along with the following explanation:

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

 

“On September 6 a security vulnerability affecting all versions of Mozilla Firefox and the Mozilla Suite was reported to Mozilla by Tom Ferris and on September 8th was publicly disclosed.

On September 9, the Mozilla team released a configuration change which, as a temporary measure to work around this problem, disables IDN in the browser. IDN functionality will be restored in a future product update. The fix is either a manual configuration change or a small download which will make this configuration change for the user. ”

So there you have it. You can get the manual fix, or the patch, for the [Page no longer available – we have linked to the archive.org version instead].

 

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

Rate this post!
 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.