New Firefox Update 39.0.3 Patches Major Vulnerability
Thursday, Mozilla released a security patch for a major vulnerability in the Firefox browser. The loophole allowed hackers to “search for and upload” documents from your hard drive to their servers. Mozilla is urging all Firefox users to upgrade to Firefox version 39.0.3. If you are using the Firefox Extended Support Release via school or business, you should upgrade to Firefox 38.1.1.
Mozilla became aware of the issue when a Firefox user noticed “an advertisement on a news site in Russia was serving a Firefox exploit that searched for sensitive files and uploaded them to a server that appears to be in Ukraine.” According to Mozilla, the vulnerability stems from an interaction between JavaScript’s context separation and Firefox’s PDF Viewer. Products not containing the PDF Viewer, such as Firefox for Android, are not at risk. Mozilla recommends changing any passwords or keys for Windows and Linux consumers using s3browser, Filezilla and Psi+.
If you have any questions about network security call Directory One, now offering monthly IT services packages. Make sure all of your computers are protected, call now (713) 465-0051.