Firefox Bug Could Search and Upload your Files Secreatly

Attention, Firefox users: Stop what you’re doing and update your web browser.

An exploit discovered on Wednesday could potentially search your local files and upload them to a server that appears to be in Ukraine, according to a blog post Mozilla published on Thursday. The company strongly recommends users update to the Firefox 39.0.3 or Firefox ESR (Extended Support Release) 38.1.1.

An advertisement on an unnamed Russian general news website can use a security vulnerability to perform the search and upload without leaving any trace on your computer, according to the post.

The security bug affects Windows and Linux users; Mac users are reportedly safe, though “would not be immune,” according to the post by Mozilla lead security expert Daniel Veditz.

“The vulnerability comes from the interaction of the mechanism that enforces JavaScript context separation (the “same origin policy”) and Firefox’s PDF Viewer,” Veditz wrote. “Mozilla products that don’t contain the PDF Viewer, such as Firefox for Android, are not vulnerable.”

Veditz added that users who have ad-blocking software enabled may be unaffected.

If you aren’t on the latest version of Firefox, you can find instructions on how to update it here.


Posted on August 9, 2015, in Uncategorized and tagged , , . Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: