Marc said:
You can find a FULL LIST of the non-Microsoft browsers hit by this
serious vulnerability here:
http://www.verisign.com/products-se...alized-domain-names/page_002201.html#01000002
Regards
Marc Liron
Microsoft MVP
www.updatexp.com
www.podcasting-101.com
This can be worked around in Mozilla Firefox by disabling IDN support.
To do this, you will have to edit compreg.dat, which is located in your
Firefox profile directory:
c:\Documents and Settings\[User Name]\Application
Data\Mozilla\Firefox\Profiles\[ramdom].default\compreg.dat
First make a backup copy of compreg.dat, and then open this file with a
text editor, which understands the line endings in it, such as Wordpad,
and comment out all lines containing IDN by adding "#" at the start of
the line.
Example:
#
{4byteshex-2byteshex-2byteshex-2byteshex-6byteshex},@mozilla.org/network/idn-service;1,,nsIDNService,rel:libnecko.so
Repeat for all lines containing "IDN." Save and exit out of your text
editor, and then set the compreg.dat file as read only. Don't install
any new extentions for Firefox until the Mozilla development team issues
and fix for the IDN spoofing problem.
Go to
http://secunia.com/multiple_browsers_idn_spoofing_test/ to test if
the work around was successful.
--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"