Skip to main content
  1. Home
  2. Computing

Firefox 1.0.7 Fixes Security Glitches

By

On Wednesday, the Mozilla Foundation released Firefox 1.0.7 for Windows, Mac OS X, and Linux; the new release includes a number of minor changes, but most importantly fixes two potentially serious security issues which have been widely publicized in recent days.

The most-reported problem fixes an issue with Firefox’s International Domain Name (IDN) feature, which enables Mozilla products to display and resolve Internet domain names using international and/or non-Latin character sets. Links pointing to a long domain name composed entirely of dashes could trigger a buffer overflow which (in theory) could have enabled an attacker using a carefully crafted link to execute arbitrary code on a user’s machine. Although there have been no known exploitations of this problem, Mozilla quickly posted information on how to disable IDN while they worked on a solution.

Recommended Videos

A second serious issue potentially enabling malicious URLs to execute shell scripts under Linux is also addressed in the FireFox 1.0.7 release, along with a potential crash using certain Proxy Auto-Config scripts and some bugs with earlier editions of FireFox which were re-introduced with previous 1.0.x security updates.

Related

The Mozilla Foundation encourages all Firefox users to download and install the 1.0.7 update, which is all well and good; however, repeated attempts to download the update from the Mozilla.org site have failed for more than 30 hours, delaying access to (and coverage of) this update. The Mozilla Foundation has been repeatedly asserting that its response to security issues in its products is more rapid than commercial developers like Microsoft, but the speed of a security fix is immaterial if impacted users cannot acquire the update.

Editors' Recommendations

Geoff Duncan
Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
How to make your Mac private and secure
Apple MacBook Pro side view showing keyboard deck and ports.

Mac OS is an inherently secure and private operating system, but that doesn't mean there's nothing you can do to ensure that it's as safe and private as possible. Here's how to make your Mac private and secure in a few different ways.

Read more
Zoom just fixed a major security flaw on Mac. Here’s why you should update now
The Logitech Brio 4K Pro attached to a Macbook.

If you have Zoom installed on your MacBook, you'll want to update the app right now. Zoom spent the weekend patching a major security flaw in its Mac app, and the update is available right now.

According to The Verge, it all began at Def Con, a computer security and hacker conference in Las Vegas. The founder of the security non-profit Objective-See and an ex-NSA security analyst, Patrick Wardle, took to the stage on Friday and presented a stunning find: a massive security vulnerability in the Zoom installer for MacBooks.

Read more
Data recoverers finally crack the highly secure Apple M1 chip
Apple M1 chip on a motherboard.

Apple's highly secure M1 chip is a tough nut to crack, but it appears the experts at DriveSavers have finally done it. The company announced they "may be the first" to recover data from the M1 in a recent press release.

DriveSavers is confident in this because the company's engineers successfully transplanted an M1 chip from a faulty logic board to a functional one, which enables them to access the data.

Read more