Mozilla on Friday released security updates to fix a zero-day flaw in the Firefox browser. An exploit that searches for sensitive files and uploads them to a server — possibly somewhere in Ukraine — has surfaced in an ad on a Russian news site, Mozilla reported last week. The exploit impacts Windows and Linux users. Mac users could be hit by a modified version. The vulnerability stems from the interaction of Firefox’s PDF Viewer and the mechanism that enforces JavaScript context separation — the “same origin” policy, Mozilla said.
Loading ...
Mozilla Plugs Dangerous Firefox Zero-Day Hole
Posted by: Richard Adhikari August 10, 2015 10:41 AMMozilla on Friday released security updates to fix a zero-day flaw in the Firefox browser. An exploit that searches for sensitive files and uploads them to a server — possibly somewhere in Ukraine — has surfaced in an ad on a Russian news site, Mozilla reported last week. The exploit impacts Windows and Linux users. Mac users could be hit by a modified version. The vulnerability stems from the interaction of Firefox’s PDF Viewer and the mechanism that enforces JavaScript context separation — the “same origin” policy, Mozilla said.