Firefox users at risk; Mozilla recommends users to update after flaw could lead to data theft

Mozilla_Firefox_logo_2013.svgThe official Mozilla Firefox Security Blog unveiled a major security flaw in Firefox that has been discovered through an advertisement in a Russian news site. The bug will allow the malware search for sensitive files in the victim’s computer and will then reportedly upload them to a server hosted in Ukraine. Following the discovery of a file-stealing exploit, Mozilla is urging all Firefox users to update their browser.

Mozilla’s security chief, Daniel Veditz said in a company’s blog that the security flaw in Firefox surfaced from the interface of the system responsible for the separation of JavaScript context and the Firefox PDF reader. The hacker attacks only developer oriented files such as File Transfer Protocol found in Windows, implying that personal files are not hacked although the attack is intimidating. Cody Crews, a security researcher, discovered the exploit and immediately notified it to Mozilla.

The effect of the attack gives the hacker the capacity to elude the Firefox security and install a malicious script that searches for files which stores passwords that are stored in the browser itself and are used in many FTP programs. Moreover, in all accesses that carried the page where the malicious ad was present, the malware did not leave traces, according to Mozilla.

The company has already released its latest version of Firefox, version 39.0.3, on Aug. 5 that has a fix for the security flaw, but users who have not yet received the update notification can do it manually by accessing the official website of Mozilla and safeguard themselves from the major security flaw in Firefox.

It has been discovered that the exploit affects both Windows and Linux operating systems. The exploit has not affected Macs yet but the hackers could also attack the Mac users. So Mozilla is also urging Apple system users to upgrade their system with the latest version of Firefox.

Even users who have not accessed the Russian news site that had the announcement should also upgrade their browsers, because it is not clear if the ad was deployed to other internet sites. People using software that blocks advertisements on the Web may have been safe from the security breach, but that is still dependent on the particular program and filters applied.

The company also made it clear that Firefox for Android and other Mozilla products that do not have an integrated PDF reader will not have the security flaw and cannot be affected by this attack.

Avatar
Anna Domanska
Anna Domanska is an Industry Leaders Magazine author possessing wide-range of knowledge for Business News. She is an avid reader and writer of Business and CEO Magazines and a rigorous follower of Business Leaders.

Recent Posts

Hyundai commits $7.4 billion in US investment by 2025

Hyundai commits $7.4 billion in US investment by 2025

South Korea’s Hyundai Motor Co., announced on Thursday it will soon start manufacturing electric vehicles in the United States. The automaker plans to produce EVs, upgrade produc
9 hours ago
US inflation report of 4.2 percent raises concerns

US inflation report of 4.2 percent raises concerns

The US reported the highest inflation recorded in the last dozen years at 4.2 percent in April, riding on government stimulus packages, improved energy prices, better spending and
12 hours ago
Aon – Willis asset disposal aims to ease approval of $30 billion merger

Aon – Willis asset disposal aims to ease approval of $30 billion merger

Aon Plc and Willis Towers Watson have agreed to sell $3.6 billion worth of assets to rival Arthur J. Gallagher & Co. in a bid to appease European competition regulators over th
1 day ago
Roblox declares Q1, reports $387 million revenue as bookings increase

Roblox declares Q1, reports $387 million revenue as bookings increase

Roblox, the hugely popular online gaming platform, reported its first-quarter earnings after becoming a listed company. Its revenue more than doubled as the videogame company benef
2 days ago
Weak US job report results in volatile market

Weak US job report results in volatile market

A weak job report resulted in a record close on Friday for the US stocks. The US labor department’s monthly non-farm payrolls report revealed employers hired 266,000 new workers
3 days ago
Star and Blackstone launch bids to buyout Australia’s Crown Resorts

Star and Blackstone launch bids to buyout Australia’s Crown Resorts

A bidding war has broken out between Australian casino company Star Entertainment Group and US private equity investor Blackstone Group over Crown Resorts, Australia’s bigges
3 days ago