After being contacted by a user on August 5, Mozilla has discovered and already built patches for a rather serious exploit. Before getting to that, if you use Firefox you should probably update to version 39.0.3 or Firefox ESR 38.1.1, depending on your version. To have the browser check for the update you can go to 'Help' -> 'About Firefox' and click the 'Check for updates' button.
The exploit does not leave a trace on a machine after it runs, so you may want to reset passwords if you use Firefox for Windows or Linux. As the exploit attacked via an ad on a Russian news site though, ad-blockers may provide a level of protection, but that is speculative and dependent on the blocking software and filters used.
Source: Mozilla Security Blog
Back to original news post