Jump to content


Serious Exploit Found in Firefox: Mozilla Urges Update

3 replies to this topic

#1 Guest_Jim_*



  • News Editor
  • PipPipPipPipPipPip
  • 9636 posts
  • Gender:Male

Posted 07 August 2015 - 10:36 AM

After being contacted by a user on August 5, Mozilla has discovered and already built patches for a rather serious exploit. Before getting to that, if you use Firefox you should probably update to version 39.0.3 or Firefox ESR 38.1.1, depending on your version. To have the browser check for the update you can go to 'Help' -> 'About Firefox' and click the 'Check for updates' button.

The exploit comes from how the mechanism for enforcing JavaScript context separation (the "same origin policy") and Firefox's PDF Viewer. (If your Mozilla products do not include the PDF Viewer, like the Android version, you are safe.) The exploit does not allow arbitrary code to be executed, but does inject a JavaScript payload. So far the only observed use of this vulnerability was to transmit potentially sensitive files to a server apparently in Ukraine. Oddly the attack has a developer focus, as the files being searched for included configuration data for subversion, s3browser, and Filezilla on Windows, while on Linux it went after the configuration files in /etc/passwd as well as .bash_history, .mysql_history, .pgsql_history, and .ssh files and keys. Mac users would not be immune to this vulnerability, but were not apparently targeted.

The exploit does not leave a trace on a machine after it runs, so you may want to reset passwords if you use Firefox for Windows or Linux. As the exploit attacked via an ad on a Russian news site though, ad-blockers may provide a level of protection, but that is speculative and dependent on the blocking software and filters used.

Source: Mozilla Security Blog

Back to original news post

#2 ET3D



  • Members
  • PipPip
  • 118 posts
  • Gender:Not Telling

Posted 08 August 2015 - 09:55 PM

Thanks for the heads up. Updated.

#3 get_saif



  • Members
  • PipPip
  • 429 posts

Posted 09 August 2015 - 04:21 AM

hmmm... I better stick with chrome, i like the way my google account syncz.. but i see chrome takes almost 310mb disk space on windows 10.

|| i5-4690K 4.6Ghz || Z97-A || Kingston 8Gb || Corsair Hx750i || Cooler Noctua NH-U14s || Gigabyte G1 Gaming GTX 980 || Kingston Hyper X ssd 128Gb || 1Tb sata Hdd Seagate

#4 the11ama


    Formerly known as a rabbit

  • Members
  • PipPipPipPip
  • 1062 posts
  • Gender:Male
  • Location:1AU

Posted 12 August 2015 - 10:49 PM

Already using Adblock plus + Ghostery + NoScript. I also don't frequent Russian news sites...

Reply to this topic