Update Firefox now! Fix rushed out for an exploit that steals files off your hard drive
Late Thursday night, Mozilla released a security patch for the Firefox browser after finding a serious vulnerability being exploited in the wild. The vulnerability allows malicious attackers to use some JavaScript magic to search for and upload potentially sensitive from your hard drive to their servers.
Mozilla is asking all Firefox users to upgrade immediately to version 39.0.3. Anyone on the Firefox Extended Support release via their school or business should upgrade to version 38.1.1.
The security issue only affects PCs since the flaw relies on an interaction between Firefoxs PDF Viewer and other parts of the browser. Firefox for Android does not have the PDF Viewer and therefore not vulnerable, according to a blog post by Mozillas security lead, Daniel Veditz.
Mozilla first became aware of the flaw after a Firefox user noticed that an ad embedded on a Russian news site was using an exploit to search for sensitive files. The malware would then upload the sensitive files to a server in the Ukraine. This all appears to happen in the background with the user none the wiser. The malware also leaves no trace it was ever on your machine.
Read more: http://www.pcworld.com/article/2960789/browsers/update-firefox-now-fix-rushed-out-for-an-exploit-that-steals-files-off-your-hard-drive.html
hobbit709
(41,694 posts)Downwinder
(12,869 posts)passnobuck
(92 posts)I can't seem to find the place where the version is stated.
SwankyXomb
(2,030 posts)That's the three lines, then the ? for the help menu, then About Firefox.
passnobuck
(92 posts)I found it.
Version 39
I got a notice to update it yesterday I remember now.