Firefox users at risk; Mozilla recommends users to update after flaw could lead to data theft

Mozilla_Firefox_logo_2013.svgThe official Mozilla Firefox Security Blog unveiled a major security flaw in Firefox that has been discovered through an advertisement in a Russian news site. The bug will allow the malware search for sensitive files in the victim’s computer and will then reportedly upload them to a server hosted in Ukraine. Following the discovery of a file-stealing exploit, Mozilla is urging all Firefox users to update their browser.

Mozilla’s security chief, Daniel Veditz said in a company’s blog that the security flaw in Firefox surfaced from the interface of the system responsible for the separation of JavaScript context and the Firefox PDF reader. The hacker attacks only developer oriented files such as File Transfer Protocol found in Windows, implying that personal files are not hacked although the attack is intimidating. Cody Crews, a security researcher, discovered the exploit and immediately notified it to Mozilla.

The effect of the attack gives the hacker the capacity to elude the Firefox security and install a malicious script that searches for files which stores passwords that are stored in the browser itself and are used in many FTP programs. Moreover, in all accesses that carried the page where the malicious ad was present, the malware did not leave traces, according to Mozilla.

The company has already released its latest version of Firefox, version 39.0.3, on Aug. 5 that has a fix for the security flaw, but users who have not yet received the update notification can do it manually by accessing the official website of Mozilla and safeguard themselves from the major security flaw in Firefox.

It has been discovered that the exploit affects both Windows and Linux operating systems. The exploit has not affected Macs yet but the hackers could also attack the Mac users. So Mozilla is also urging Apple system users to upgrade their system with the latest version of Firefox.

Even users who have not accessed the Russian news site that had the announcement should also upgrade their browsers, because it is not clear if the ad was deployed to other internet sites. People using software that blocks advertisements on the Web may have been safe from the security breach, but that is still dependent on the particular program and filters applied.

The company also made it clear that Firefox for Android and other Mozilla products that do not have an integrated PDF reader will not have the security flaw and cannot be affected by this attack.

Anna Domanska
Anna Domanska is an Industry Leaders Magazine author possessing wide-range of knowledge for Business News. She is an avid reader and writer of Business and CEO Magazines and a rigorous follower of Business Leaders.

Recent Posts

Top 6 Energy Dividend Stocks to include in your portfolio

Top 6 Energy Dividend Stocks to include in your portfolio

The entire energy sector yield hovers around 4%, according to the Energy Select Sector SPDR exchange-traded fund.
11 hours ago
Monte dei Paschi performance below par in EU banks stress test

Monte dei Paschi performance below par in EU banks stress test

The depletion of capital at each bank under the test’s harshest scenario will be closely scrutinised, and could potentially lead to hostile takeovers
2 days ago
Nokia to launch T20 tablet with 10.36 inch display

Nokia to launch T20 tablet with 10.36 inch display

The Nokia T20 will sport a 10.36-inch display and will have 4 GB RAM along with 64 gigs of native storage.
4 days ago
Ford sees surprise Q2 profit despite chip shortage and manufacturing hassles

Ford sees surprise Q2 profit despite chip shortage and manufacturing hassles

“The business is ‘spring loaded’ for a rebound when semiconductor supplies stabilize and more closely match demand.”
4 days ago
Audi A6 E-tron Production Launch in 2023

Audi A6 E-tron Production Launch in 2023

Audi has confirmed that there will be multiple variants of the etron, including “basic versions optimized for minimum consumption and maximum range.
5 days ago
Royal Dutch Shell buyback lifts investor sentiment

Royal Dutch Shell buyback lifts investor sentiment

Royal Dutch Shell commences share buybacks before the end of this year while reducing its first quarter dividend to 16 cents per share, a 66% cut.
5 days ago