Mozilla rush-releases Firefox security patch

Web browser software vendor patches up Firefox URL tracking hole.

Hackers

Mozilla has rushed out a new version of its Firefox web browser following the discovery of a security hole that could have let hackers keep tabs on the websites users' visited.

The flaw was uncovered in the 16.0 release of the open source vendor's Firefox software earlier this week, resulting in the product being withdrawn from the company's installer page.

In a blog post, confirming the vulnerability, Michael Coates, Mozilla's director of security assurance, advised users to downgrade to the 15.01 version of Firefox until a patch was created.

"The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL," wrote Coates.

"At this time, we have no indication that this vulnerability is currently being exploited in the wild."

The company released a Firefox software update for Windows, Mac, Linux and Android users yesterday.

Paul Ducklin, head of technology for Asia Pacific at anti-virus vendor Sophos, said in a further blog post that end users should not be put off from downloading the latest software.

"This latest issue reminds us that it's occasionally problematic to be too far ahead of the curve, [but] it's always risky to be behind," he added.

Featured Resources

Become a digital service provider

How to transform your business from network core to edge

Download now

Optimal business results with the cloud

Evaluating the best approaches to hybrid cloud adoption

Download now

Virtualisation that enables choices, not compromises

Harness the virtualisation technology that's right for your hybrid infrastructure

Download now

Email security threat report 2020

Four key trends from spear fishing to credentials theft

Download now

Recommended

How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021
Weekly threat roundup: Microsoft Defender, Adobe, Mimecast
vulnerability

Weekly threat roundup: Microsoft Defender, Adobe, Mimecast

14 Jan 2021
Mimecast admits hackers accessed users’ Microsoft accounts
Security

Mimecast admits hackers accessed users’ Microsoft accounts

13 Jan 2021
What is public key infrastructure (PKI)?
Security

What is public key infrastructure (PKI)?

12 Jan 2021

Most Popular

How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021
The fate of Parler exposes the reality of deregulated social media
Policy & legislation

The fate of Parler exposes the reality of deregulated social media

14 Jan 2021
Should IT departments to call time on WhatsApp?
communications

Should IT departments to call time on WhatsApp?

15 Jan 2021