Mozilla has discovered a file-stealing mechanism in their current browser that could lead to data theft among its many users. According to PC Magazine, a Russian user found a bug that searches for sensitive files and uploads them to a remote server that is believed to be in the Ukraine. Since this discovery, the company has released an update and is urging users to download the latest version.
How do users fight against the file-stealing flaw?: Mozilla Firefox Update
These new security updates, which should rid the browsers of the bug, were released Friday morning. As most users let their computers update automatically, Firefox is now urging users to check their updates to make sure their browsers are running on Firefox 39.0.3 or Firefox ESR 38.1.1. Presently, Mozilla believes that Mac users were not affected by this breach in security; however, they are advised to go ahead and update as well. This also means changing any passwords that were saved in threads, which users might have selected “log me in automatically” on.
File-stealing Glitch: What Happened?
As explained by Daniel Veditz on the Mozilla Security Blog, “The vulnerability comes from the interaction of the mechanism that enforces JavaScript context separation (the “same origin policy”) and Firefox’s PDF Viewer. Mozilla products that don’t contain the PDF Viewer, such as Firefox for Android, are not vulnerable.” Ad-blocking software is believed to have also prevented any theft of information. At the moment, the exact location of the bug’s release is still unclear, although the information was being sent to a server in the Ukraine.
How Do I Update my Browser?
For the most part, it is likely that users’ computers have made updates automatically. If you have the latest version of Firefox, the update is also quite simple. First, open up the menu and click “help.” After that, select “About Firefox,” which will open a pop-up window that automatically checks for any updates. If users are using any version before 39.0.3, they must click the “Restart Firefox to Update” option. Once Firefox has restarted, go back to the menu selection, and then back to “About Firefox” to double check that the browser has made the correct updates.
