Firefox has a new security hole, but you can already patch it

Yesterday, someone noticed that an ad from a Russian news site was exploiting a serious vulnerability in the Firefox browser. According to a Mozilla security post, the attacker was able to bypass the browser’s “origin policy” (its front line of security), inject a malicious javascript script and download sensitive local files to a server in the Ukraine. Mozilla said the attack was “surprisingly developer-focused for an exploit launched a general audience news site,” because it hunted browser and FTP configuration files. It added that the “exploit leaves no trace that it has run on the local machine.”

Read full post here:

Share on FacebookPin on PinterestTweet about this on TwitterShare on LinkedIn