AGIX Discussion All HowTo's Linux Ubuntu, Mint & Debian Linux

Firefox Vulnerability – Quick Update

Just a quick update to remind you that you should be updating Firefox in order to stay safe from the latest vulnerability which was announced on August 5th. This effects Windows and Linux so make sure that you update both.

The current version for Firefox the contains the fix at the time of writing is 39.0.3 and according to Mozilla the fix is also available in the Extended Support Release 38.1.1

Unlike most major vulnerabilities this one does not allow Remote Code Execution in that an attacker cannot start executing code on your machine, this bug allows the attacker to download files from your machines.

From the report by Mozilla and Sophos the most targeted files on Linux were /etc/passwd and Shell scripts as they may contain valuable information in plain text, also targeted were the obvious files named pass or access. Click the links below to view the full Mozilla and Sophos articles

Mozilla Security Blog – Firefox exploit found in the wild

Sophos Naked Security – Firefox zero-day hole used against Windows and Linux to steal passwords

Leave a Reply

Your email address will not be published. Required fields are marked *