Login:
Password:
Lost Password?
Print this article  |  E-mail this article  |  Comment on this article

Firefox Update Fixes Security Flaws

By Nate Mook, BetaNews

February 25, 2005, 11:12 AM

The Mozilla Foundation has released the first update to Firefox since its official launch last November. Version 1.0.1 features a number of stability and security fixes, including a workaround for Internationalized Domain Names, which caused a stir earlier this month after researchers discovered the potential for spoofing.

"Regular security updates are essential for maintaining a safe browsing experience for our users," said Chris Hofmann, director of engineering for the Mozilla Foundation.

To protect users from phishing attacks that exploit the IDN standard, Firefox now displays international domains in their "Punycode" form, which is the special format used to differentiate between IDN and standard ASCII domains.

Mozilla developers originally said they would disable IDN support all together in the Firefox update, but opted for a more balanced approach.

"The Mozilla Foundation has developed a community of users and developers who continuously provide feedback on Mozilla software, and as a result of that constant vigilance, we are able to provide quick and effective responses to security vulnerabilities," said Hofmann.

Available in 28 languages, Firefox has been downloaded over 27 million times. Firefox 1.0.1 is immediately available for Windows, Mac OS X and Linux.

Add a Comment (13 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By amitpagarwal

posted Feb 26, 2005 - 12:43 AM

Another reason for IE7

Score: 0

By irdepesca572

posted Feb 25, 2005 - 11:28 AM

Thanks for posting this, I probably wouldn't have known otherwise.

Score: 0

By se7en11

posted Feb 25, 2005 - 1:30 PM

www.slashdot.org - they're always ranting about Firefox. (Which is definiatly a good thing)

Score: 0

By Metshrine

posted Feb 25, 2005 - 2:17 PM

Where are all those whiners about how long MS takes to release a patch. Firefox took several months from its initial release to fix a problem that has been known about for some time. Heck, even microsoft fixed their browser faster than this! GO MS!!!

Score: 0

By paull2k

posted Feb 27, 2005 - 7:57 PM

What kind of idiot are you? Firefox takes longer to release a patch or whole new version of their browser. Because...
1) Firefox, is more secure than IE. Sure it has its flaws at time, but in the long run it is ultimately better than IE.
2) Microsoft, releases security patches for their browser all the time because their browser is integrated directly into Windows

#2 all by itself is a huge mistake. Therefore any flaws which are found in the browser, directly affect the Operating System as well.

Score: 0

By DonGato

edited Feb 26, 2005 - 5:50 AM

The IDN issue wasn't considered a bug but a security threat. Anyway, I think both Mozilla and Opera devs with their approach of 'we don't have anything to fix' and the time spent to realize a fix was needed made a mistake.

About IE, well... it's old, it's bad for serious application developers and it's like gruyere cheese in the security department (full of holes). I don't think IE 7 will change much and anyway it will be targeted to Windows XP SP2 users only so I would say a lot of users won't use it.

For that date they will have between 10 and 20% less users and those won't come back. Don't forget Microsoft didn't want the browser to evolve since start and they have to do this for the pressure brought by Mozilla and users enraged by the security issues.

Score: 0

By Bugs4HJ

posted Feb 25, 2005 - 4:46 PM

Are you refering to IDN or something else?

Also, you can't compare fix A from Microsoft with fix B for Mozilla Firefox, heck, you can't even compare fix B with the (almost the) same fix for Mozilla (the suite).

Score: 0

By bourgeoisdude

posted Feb 25, 2005 - 2:19 PM

Ah, finally a comment comparing MS to Mozilla--hence the famous Betanews FF vs. IE debate begins-- :)

Score: 0

By RaveN-FH-

posted Feb 26, 2005 - 1:07 PM

quite frankly, everyone just needs to grow up. i don't understand why everyone is wandering around trying to convert the heathens.

if you like firefox, great. if you like ie, great. does anyone really care at all about what browser someone else uses?

Score: 0

By nate

posted Feb 25, 2005 - 3:43 PM

Well, at least we moved past Windows vs. Linux!

Score: 0

By shicaca

posted Feb 25, 2005 - 7:47 PM

god for real. I'm sick of hearing, "Linux is better b/c!". I can't be computerless for a few days while I rebuild it b/c something went wrong with the installation... that's the only reason I've not switched.

Score: 0

By Scary Guy

posted Feb 25, 2005 - 11:27 PM

"Well, at least we moved past Windows vs. Linux!"

Not exactly, we should move back to that one since I think they have a better (non existant) chance of winning that one than the FF vs. IE debate.

Maybe when IE7 goes to public beta then it will have a fighting chance, until then everyone knows that Firefox is a better browser.

Score: 0

By Planet.Of.Wounds

posted Feb 28, 2005 - 3:56 AM

"until then everyone knows that Firefox is a better browser."

Exactly right! Just like everybody knew the Earth was flat, before Galileo.

That's the great thing with Everybody. He always knows everything for sure. Everybody rocks!

Score: 0

Nov 21 - 6:51 PM ET Coalition urges better laws for e-mail and cell phone privacy

Nov 21 - 6:42 PM ET How is Internet advertising faring in this bad economy?

Nov 21 - 6:15 PM ET From out of the Amazon Cloud, an AWS winner emerges

Nov 21 - 5:20 PM ET Mufin music finder enters public beta, adds widgets

Nov 21 - 5:01 PM ET Google launches its SearchWiki semantics plug-in

Nov 21 - 4:57 PM ET Asus previews a slimmer, less costly Eee PC

Nov 21 - 4:32 PM ET New Adobe Media Player ushers in AIR 1.5

Nov 21 - 2:11 PM ET AT&T to add Pantech's low-cost C630 phone to 3G lineup

Nov 21 - 1:11 PM ET iPhone gets firmware 2.2 update

Nov 21 - 11:51 AM ET The Dell surprise: Higher earnings on lower revenue