Firefox 0day Vulnerability

I received this email and thought that I should share this.

For all firefox users, it is recommended that you switch to an alternate browser till a patch is made available.

According to this article in ARSTechnica

"There's a zero-day exploit in the wild that's being used to execute malicious code on the computers of people using Tor and possibly other users of the Firefox browser, officials of the anonymity service confirmed Tuesday."

Mozilla devs are working on a fix. But till then, do switch to other browsers temporarily.

"A representative of Mozilla said officials are aware of the vulnerability and are working on a fix. While the vulnerability was already being actively exploited, the publication of the complete source code now puts it in the hands of a much wider base of people. Until a patch is available, Firefox users should use an alternate browser whenever possible, or they should at the very least disable JavaScript on as many sites as possible."

Sort:  

Update: The TOR Project has updated its TorBrowser with a fix for the vulnerability. Users are advised to update to version 6.0.7 of TorBrowser as the vulnerability is actively exploited on Windows, TOR Project developer Georg Koppen said.

He advised Apple macOS / OS X and Linux users to also upgrade their browsers, as the bug affects the anonymising software running on those operating systems as well. But Koppen said there was no current indication that the bug has been exploited on Apple macOS / OS X or Linux.

Koppen said TorBrowser users who set their security slider to “high” are thought to be safe from the Javascript vulnerability.

The patch also updated the NoScript Javascript/Java/Adobe Flash blocker for Firefox to version 2.9.5.2.

thanks for posting the update. appreciate it.

Thanks for the warning, what the hell happened to Firefox? It used to be really good but now I've kind of had to switch to google chrome partly because of the speed difference.

no problem. i guess when one diversifies too much, their focus can't be on concentrating on improving just a single product. to me i switched from chrome to firefox. cos chrome bogged my system down. haha

So its not a Firefox problem but one of JavaScript?
Really anyone still having it on?