Categories: Web

Mozilla urges users to upgrade Firefox after security flaw found

Mozilla has hurried out a major update to its Firefox browser this weekend which is designed to rectify a significant security flaw identified last week.

Soon after releasing Firefox 16 last week the browser maker found that a security hole could allow hackers to see Firefox users’ browsing history and URL parameters.  The Mozilla community was quick to spot the issue and removed the update from its site but not before the version was downloaded by hundreds users.

Since April 2012 Mozilla has been automatically updating users’ versions of Firefox.

Users that did upgrade to Firefox 16 are being urged to upgrade to Firefox 16.0.1 which the organisation says removes the flaw.

“The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters.  At this time we have no indication that this vulnerability is currently being exploited in the wild.”

The security hole was not knowingly exploited by any hackers, although some users were able to test the issue to see how it could be used to obtain users’ personal data.  One test  managed to obtain a user’s Twitter ID amongst other data.  The flaw was only introduced with Firefox 16, no earlier version of the program is vulnerable.

The danger could be that hackers could associate a user’s search habits with their social networking accounts to build a profile of their online activities.

You can check if you have the flawed version of Firefox by clicking Help > About (or pressing Alt+H+A) in the browser.  Firefox should then check for the latest correct version of the software and begin downloading this automatically.  Alternatively, Firefox 16.0.1 can be downloaded from the Firefox website.

While this is an embarrassment for Mozilla, the open source browser is still considered to be one of the most secure.

Last month the German government urged its citizens to stop using Microsoft’s Internet Explorer because a Trojan, called Poison Ivy which targets the browser, had yet to be fixed.  A successful Poison Ivy attack would have provided hackers with control over the user’s system.

Ajit Jain

Ajit Jain is marketing and sales head at Octal Info Solution, a leading iPhone app development company and offering platform to hire Android app developers for your own app development project. He is available to connect on Google Plus, Twitter, Facebook, and LinkedIn.

View Comments

Recent Posts

Check out the cool new pet-tech at Leap Venture Studio’s 9th Cohort Demo Day

Pet lovers are increasingly turning into tech lovers as well as the pet care world…

3 days ago

Tony Blair wants UK to enable animal gene editing, fund precision-bred livestock

Is genetically editing animals really about preventing pandemics, or is there something deeper to it?…

5 days ago

With space economy projected to reach $944 billion, Nisum and DeepSpace Technology partner-up to drive AI innovation to infinity and beyond

With the rise of GenAI dominating conversations in recent years, it can be easy to…

7 days ago

US should study Ukraine war, dominate AI drone tech: Eric Schmidt

AI is an all purpose tool, for good or ill, and Schmidt is placing his…

1 week ago

CBDCs, digital currencies could lead to cash extinction: IMF paper

All signs point towards a cashless society, whether through convenience or coercion -- carrot or…

1 week ago

Financial resilience weakens in SMBs, putting need for robust reporting techniques in the spotlight 

The month-end close process refers to a set of accounting processes to review, record and…

2 weeks ago