Firefox users existing on this earth....Please update before files get stolen!

Firefox users existing on this earth....Please update before files get stolen!

Firefox users existing on this earth....Please update before files get stolen!

If you use Firefox, you should update your browser now to prevent a flaw in the software that could allow hackers to “search for and upload potentially sensitive” from your hard drive to their servers.

Mozilla isasking all Firefox users to upgrade to version 39.0.3. Most users have automatic updates turned on, however it’s important to make sure you’re running the most recent version of Firefox.

The security issue only impacts PCs because the flaw relies on an interaction between the browser’s PDF viewer and other features in the browser. Mac and Android users are not impacted.

“The vulnerability comes from the interaction of the mechanism that enforces JavaScript context separation (the “same origin policy”) and Firefox’s PDF Viewer. Mozilla products that don’t contain the PDF Viewer, such as Firefox for Android, are not vulnerable. The vulnerability does not enable the execution of arbitrary code but the exploit was able to inject a JavaScript payload into the local file context. This allowed it to search for and upload potentially sensitive local files.” — Daniel Veditz, Mozilla

People who use ad-blocking software may have been protected from this exploit depending on the software and specific filters being used.

The exploit leaves no trace it has been run on the local machine.

A Firefox user alerted Mozilla after discovering the flaw while browsing on a Russian news website.

Read 422 times
Login to post comments