Firefox files phishing fix

By

Firefox has moved to fix a hole that could allow phishing attacks through the creation of fake websites.

Firefox 1.0.1, the name for the updated version of the increasingly popular web browser, includes a patched vulnerability in Internationalized Domain Names (IDN) that previously allowed production of spoof websites.


"Regular security updates are essential for maintaining a safe browsing experience for our users," said Chris Hofmann, director of engineering at Mozilla.

The vulnerability allows redirection of websites to spoofed creations, even if the URL appears to correct.

According to the Mozilla Foundation, the open source group who own and operate Firefox, the update also fixes a number of other bugs.

The Firefox browser recently surpassed 25 million updates, and some analysts are suggesting it's a genuine challenge to Microsoft's Internet Explorer in terms of browser hegemony. The number of downloads is all the more remarkable in that it was achieved in under 100 days.

"Twenty five million Firefox downloads is a significant achievement, and we see that number continuing to grow," said Mitchell Baker, president of the Mozilla Foundation.

Mozilla's reputation was further enhanced this month when it became the recipient of the Editor in Chief award (SC's highest accolade) at the SC Awards in San Francisco.

To see our review of the Firefox browser click here.

www.scawards.com
www.mozilla.org

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?