1. Mozilla patches big problem in Firefox browser to prevent cyber attacks

Mozilla patches big problem in Firefox browser to prevent cyber attacks

Mozilla has quickly patched a critical security flaw which affected Firefox users. This move came following a new exploit against a big security issue was discovered that targeted users of the Tor browser.

By: | Published: December 2, 2016 2:19 PM
 Mozilla, Firefox, tor, mozilla firefox, firefox tor, firefox browser, tor browser, firefox security, firefox flaw, firefox issue, mozilla patch firefox, mozilla news, firefox news, tor news, tor download, twitter, mozilla twitter, cyber security, cyber crime, firefox safety, anti virus Tor co-founder Roger Dingledine found the flaw in Mozilla Firefox and he posted it on the Tor website. (Reuters)

Mozilla has quickly patched a critical security flaw which affected Firefox users. This move came following a new exploit against a big security issue was discovered that targeted users of the Tor browser. The problem, also known as zero-day vulnerability attack a heap overflow bug. This bug gives malicious programs a chance to work itself in targeted Windows desktops and laptops. Tor co-founder Roger Dingledine found the flaw and he posted it on the Tor website. The bug has only one basic HTML and one CSS file. Dingledine himself informed about the fact that Mozilla was already patching the flaw in Firefox. He wrote, “It sounds like the immediate next step is that Mozilla finishes their patch for it. Then the step after that is a quick Tor Browser update. And somewhere in there people will look at the bug and see whether they think it really does apply to Tor Browser.”

Even as the bug uses the heap overflow issue, it also needs JavaScript to be incorporated into the browser for us. According to experts, it can be said that one need to disable Javascript while using the Tor browser as if prevents security risks and ensures a maximum of it. Mozilla recently corrected another big flaw which made it possible to control another targeted computer and also a case where another open source browser security issue was patched. Mozilla Foundation published an advisory this week at the same time it published the patch. There the company admitted that the bug “can result in same-origin violations against a domain if it loads resources from malicious sites. Cross-origin setting of cookies has been demonstrated without the ability to read them.”

If The Wack0lian is to be believed the new bug calls a unique identifier to a server with address 5.39.27.226 which belongs to French ISP OVH but there is reportedly no response from there. There are also many suspicions on whether the issue somewhere relates to any FBI operation. Dan Guido, CEO of TrailOfBits in a series of tweets described the issue and also said, “The vulnerability is present on MacOS, but the exploit does not include support for targeting any operating system but Windows.” He added, “Final thoughts: the Tor Browser Bundle is unable to protect those that need it most. If you rely on it, strongly reconsider your choices.”

Please Wait while comments are loading...

Go to Top