Categories: Web

Mozilla urges users to upgrade Firefox after security flaw found

Mozilla has hurried out a major update to its Firefox browser this weekend which is designed to rectify a significant security flaw identified last week.

Soon after releasing Firefox 16 last week the browser maker found that a security hole could allow hackers to see Firefox users’ browsing history and URL parameters.  The Mozilla community was quick to spot the issue and removed the update from its site but not before the version was downloaded by hundreds users.

Since April 2012 Mozilla has been automatically updating users’ versions of Firefox.

Users that did upgrade to Firefox 16 are being urged to upgrade to Firefox 16.0.1 which the organisation says removes the flaw.

“The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters.  At this time we have no indication that this vulnerability is currently being exploited in the wild.”

The security hole was not knowingly exploited by any hackers, although some users were able to test the issue to see how it could be used to obtain users’ personal data.  One test  managed to obtain a user’s Twitter ID amongst other data.  The flaw was only introduced with Firefox 16, no earlier version of the program is vulnerable.

The danger could be that hackers could associate a user’s search habits with their social networking accounts to build a profile of their online activities.

You can check if you have the flawed version of Firefox by clicking Help > About (or pressing Alt+H+A) in the browser.  Firefox should then check for the latest correct version of the software and begin downloading this automatically.  Alternatively, Firefox 16.0.1 can be downloaded from the Firefox website.

While this is an embarrassment for Mozilla, the open source browser is still considered to be one of the most secure.

Last month the German government urged its citizens to stop using Microsoft’s Internet Explorer because a Trojan, called Poison Ivy which targets the browser, had yet to be fixed.  A successful Poison Ivy attack would have provided hackers with control over the user’s system.

Ajit Jain

Ajit Jain is marketing and sales head at Octal Info Solution, a leading iPhone app development company and offering platform to hire Android app developers for your own app development project. He is available to connect on Google Plus, Twitter, Facebook, and LinkedIn.

View Comments

Recent Posts

With surge in AI-generated code creates security concerns, DeepSources launches trio of autonomous AI agents for DevSecOps 

Autonomous, AI-powered employees are set to begin roaming corporate networks sooner than expected, marking the…

1 day ago

As carcinogenic chemicals from cleaning products hit the headlines, Viking Pure Solutions is protecting employees from harm

Despite the ongoing fight to reduce, reuse and recycle plastics, when it comes to environmental…

1 day ago

Muddy Waters vs. AppLovin: Why Investors Might Be the Real Target

Muddy Waters’ recent short report on AppLovin reads serious. Abuse, violations, an impending takedown. But…

2 days ago

Trump’s Tariff Policy: An Apparent Double Standard for Apple?

Do you know how I knew that Trump would be the 47th President of the…

2 days ago

These travel bloggers have the best tips on how to make the most of your trip to the UK

From Stonehenge to the Tower of London, Buckingham Palace to the Angel of North, there’s…

3 days ago

The science of what we eat: The NYU math grad bringing sustainable olive oil to your kitchen (Brains Byte Back Podcast)

When it comes to what we eat, more of us are asking the right questions:…

5 days ago