Mozilla fixes zero-day Firefox bug used to attack Tor users

Journalistic software-Tor Browser

For various PC problems, we recommend to use this tool.

This tool will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Quickly fix PC issues and prevent others from happening with this software:

  1. Download ReimagePlus (100% safe download).
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues.

The Tor browser is the most widely used privacy tool to browse the Internet anonymously. The Tor Project built the network partially on open source code similar to an old version of Firefox. Exploit a vulnerability in that Firefox version and you unmask the otherwise anonymous Tor users. That’s what happened with Mozilla’s popular browser this week, and the organization was quick to roll out an update that fixes the zero-day vulnerability.

A public Tor Project mailing list revealed the bug which prompted Mozilla to update Firefox to version 50.0.2. The Tor Project team also issued patches for the Tor browser that now bumps it up to version 6.0.7. While The Tor Project believes the vulnerability has affected only the Windows users, it is also possible that the bug has hit macOS and Linux users as well.

The zero-day vulnerability also affected Mozilla’s Thunderbird e-mail application and the Firefox Extended Support release version. Daniel Veditz, Mozilla’s security team lead, wrote in a blog post:

The exploit took advantage of a bug in Firefox to allow the attacker to execute arbitrary code on the targeted system by having the victim load a web page containing malicious JavaScript and SVG code. It used this capability to collect the IP and MAC address of the targeted system and report them back to a central server.

A serious threat

If an attacker can lure a user into visiting a malicious web content, it is possible to remotely execute arbitrary code on the system by taking advantage of the vulnerability.

Security experts believe the exploit is similar to a Firefox flaw the FBI used in 2003 to identify visitors to a child-abuse site. Veditz wrote that the threat now poses a serious threat to privacy if a government agency indeed built it.

This similarity has led to speculation that this exploit was created by FBI or another law enforcement agency.

Read also:

Trusted by 500 million users. Get the best antivirus protection at 50% off

Your computer is vulnerable to malware, therefore it’s important to protect it properly. Malware comes in various forms, and it can cause performance loss and many other security-related issues.

If you’re looking for a professional tool that can protect your PC from malware, spyware and ransomware, we strongly recommend you try Bitdefender. Considered by experts to be the best antivirus in the world, Bitdefender has more than 500 million active users worldwide. Become the member of Bitdefender family today and secure your PC from all online threats.

Download Bitdefender at a special price

Tags: