Skip to main content

Firefox 1.0.7 Fixes Security Glitches

On Wednesday, the Mozilla Foundation released Firefox 1.0.7 for Windows, Mac OS X, and Linux; the new release includes a number of minor changes, but most importantly fixes two potentially serious security issues which have been widely publicized in recent days.

The most-reported problem fixes an issue with Firefox’s International Domain Name (IDN) feature, which enables Mozilla products to display and resolve Internet domain names using international and/or non-Latin character sets. Links pointing to a long domain name composed entirely of dashes could trigger a buffer overflow which (in theory) could have enabled an attacker using a carefully crafted link to execute arbitrary code on a user’s machine. Although there have been no known exploitations of this problem, Mozilla quickly posted information on how to disable IDN while they worked on a solution.

A second serious issue potentially enabling malicious URLs to execute shell scripts under Linux is also addressed in the FireFox 1.0.7 release, along with a potential crash using certain Proxy Auto-Config scripts and some bugs with earlier editions of FireFox which were re-introduced with previous 1.0.x security updates.

The Mozilla Foundation encourages all Firefox users to download and install the 1.0.7 update, which is all well and good; however, repeated attempts to download the update from the Mozilla.org site have failed for more than 30 hours, delaying access to (and coverage of) this update. The Mozilla Foundation has been repeatedly asserting that its response to security issues in its products is more rapid than commercial developers like Microsoft, but the speed of a security fix is immaterial if impacted users cannot acquire the update.

Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Apple fixed one of my biggest macOS gripes with Sonoma — but I still want more
Federighi talking about Continuity Camera.

Apple’s macOS Sonoma update has just been launched and, let’s be honest here, it’s a pretty modest upgrade (probably thanks to the work required on the Vision Pro’s software). Still, when Apple unveiled Sonoma a few months ago, there was one feature that got me excited: Continuity Camera.

This nifty tool lets you use your iPhone as a high-quality webcam. Sure, it actually debuted with macOS Ventura, but this year we’ve got much more control over how it works. Sliders! Toggles! Yes, it’s all here.

Read more
How macOS Sonoma could fix widgets — or make them even worse
Apple's 15-inch MacBook Air on a desk, with macOS Sonoma running on its display.

At its Worldwide Developers Conference (WWDC) earlier this year, Apple revealed that interactive widgets would be coming to macOS Sonoma. That probably sounds like a tiny new feature, and sure, it’s not as earth-shattering as the Vision Pro announcement. But it could turn out to be one of the most divisive new features in the Mac operating system.

In macOS Sonoma, you’ll be able to plant widgets on your desktop instead of hiding them in the Notification Center. Many widgets will be interactive, letting you tick off to-do list items without opening the widget’s app, for example. And you’ll be able to run iOS widgets right on your desktop, even if that app isn’t installed on your Mac. It’s a pretty comprehensive overhaul. Depending on how well these interactive widgets work, though, we could be left with a bunch of annoying distractions or a set of super-helpful timesavers. The way Apple handles them is going to be vital.
We've been here before

Read more
This macOS concept fixes both the Touch Bar and Dynamic Island
Concept of macOS dynamic dock.

What if your macOS dock behaved more fluidly, dynamically morphing to show background processes such as download progress, media controls, text messages, and so on?

The following concepts demonstrate "what if" macOS and iOS Live Activities got together and had a child, and they have certainly got my imagination going.

Read more