Saturday, February 26, 2005
Firefox Browser 1.0.1
If you haven't already downloaded Firefox's browser or, you have it installed already, you will need to download their newest version 1.01. The security update for Firefox includes several fixes to guard against spoofing and arbitrary code execution.
The spoof exploits flaws in how the browser interprets the Unicode a character set, which can be used to create “homogenic” attacks, where two different combinations of characters in an HTML link can display the same URL, but send users to different sites. Clients can avoid the attack in Firefox and Mozilla by typing in the URL: about:config (becareful as you navigate through this field). Look for: network.enableIDN and change to false by double clicking.
The spoof exploits flaws in how the browser interprets the Unicode a character set, which can be used to create “homogenic” attacks, where two different combinations of characters in an HTML link can display the same URL, but send users to different sites. Clients can avoid the attack in Firefox and Mozilla by typing in the URL: about:config (becareful as you navigate through this field). Look for: network.enableIDN and change to false by double clicking.
Disclamier:
The information on this site is provided for discussion purposes only, and are not investing recommendations. Under no circumstances does this information represent a recommendation to buy or sell securities. Past performance is no guarantee of future results.
