Firefox 16 Vulnerability

Friday, October 12, 2012 @ 06:10 PM gHale


Mozilla temporarily removed Firefox 16 from the current installer page after it found a security vulnerability in the new version of its browser.

The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters, said Michael Coates, director of security assurance at Mozilla.

RELATED STORIES
Mitigation, Update for PLC Hole
Sielco Sistemi Overwrite Vulnerability
Hotfix for DeltaV Vulnerability
Optimalog Closes Optima PLC Hole

Mozilla does not, however, have any information the vulnerability is currently suffering from any exploitations, he said. It is working on a fix and plans to ship updates.

Users will automatically upgrade to the new version as soon as it becomes available, Coates said.

Firefox version 15 remains unaffected, and as a precaution users can downgrade to version 15.0.1. Or they can wait until Mozilla’s patches come out and automatically applied to address the vulnerability, Coates said.

The new version of the browser released and addressed a number of security vulnerabilities, including some considered critical.

Firefox had a 20.08 percent share of desktop browsers in September, compared to 53.63 percent share for Internet Explorer and 18.86 percent for Chrome, according to Web measurement company Net Applications.



Leave a Reply

You must be logged in to post a comment.