According to mozillaZine, "The Mozilla Foundation previously issued a patch for Firefox 1.0.6 that protected users against the IDN link buffer overflow flaw at the expense of removing support for IDNs. Firefox 1.0.7 has a more permanent solution that does not involve disabling IDN functionality and any users who installed the patch will find that IDN support is restored when they upgrade." (emphasis mine)
My experience this morning is that if you did not apply the patch to 1.0.6 but rather set network.EnableIDN false by editing about:config manually, installing v1.0.7 does not set network.EnableIDN back to true. You'll have to do that manually.