ADVERTISEMENT

There's a new security hole on Firefox, you should update it now

According to a Mozilla security post, the hole gives hackers the ability to bypass the browser's "origin policy" (its front line of security).

Mozilla Firefox is one of the most popular web browsers in the world

Yesterday, one of the folks at the Mozilla office noticed that an ad from a Russian news site was exploiting a serious vulnerability in the Firefox browser.

Engadgets reports that according to a Mozilla security post, the attacker was able to bypass the browser's "origin policy" (its front line of security), inject a malicious javascript script and download sensitive local files to a server in the Ukraine.

Mozilla said the attack was "surprisingly developer focused for an exploit launched a general audience news site," as it sought things like browser and FTP configuration files. The company added that the "exploit leaves no trace that it has run on the local machine."

According to Engadget, Mozilla said the malicious scripts can affect PC and Linux computers, but not Macs. However, Apple users are still advised to update, as hackers could develop a different attack script for OS X.

ADVERTISEMENT

Luckily for everyone, the person who spotted the flaw was security researcher Cody Crews, who immediately notified Mozilla who has patched the flaw with Firefox version 39.0.3, so now would be a good time to get it.

JOIN OUR PULSE COMMUNITY!

Unblock notifications in browser settings.
ADVERTISEMENT

Eyewitness? Submit your stories now via social or:

Email: eyewitness@pulse.com.gh

ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT