Firefox Security Hole

User avatar
Kawasaki
Posts: 156
Joined: Wed Apr 20, 2016 9:53 am
Location: Ohio
Contact:

Firefox Security Hole

Postby Kawasaki » Wed Nov 30, 2016 9:39 am

We’re publishing this as an emergency bulletin for our customers and the larger web community. A few hours ago a zero day vulnerability emerged in the Tor browser bundle and the Firefox web browser. Currently it exploits Windows systems with a high success rate and affects Firefox versions 41 to 50 and the current version of the Tor Browser Bundle which contains Firefox 45 ESR.

If you use Firefox, we recommend you temporarily switch browsers to Chrome, Safari or a non-firefox based browser that is secure until the Firefox dev team can release an update. The vulnerability allows an attacker to execute code on your Windows workstation. The exploit is in the wild, meaning it’s now public and every hacker on the planet has access to it. There is no fix at the time of this writing.

Currently this exploit causes a workstation report back to an IP address based at OVH in France. But this code can likely be repurposed to infect workstations with malware or ransomware. The exploit code is now public knowledge so we expect new variants of this attack to emerge rapidly.

This is a watering hole attack, meaning that a victim has to visit a website that contains this exploit code to be attacked. So our forensic team is keeping an eye on compromised WordPress websites and we expect to see this code show up on a few of them during the next few days. An attackers goal would be to compromise workstations of visitors to WordPress websites that have been hacked.


Source - https://www.wordfence.com/blog/2016/11/ ... -day-wild/

User avatar
Folder
Posts: 1076
Joined: Wed Jul 27, 2016 9:04 am
Location: Texas

Re: Firefox Security Hole

Postby Folder » Wed Nov 30, 2016 9:55 am

Good to know, thanks.
<Silhouette>

User avatar
iced
Posts: 64
Joined: Wed Jul 27, 2016 9:37 pm

Re: Firefox Security Hole

Postby iced » Thu Dec 01, 2016 8:59 am

you're a hole

User avatar
Kawasaki
Posts: 156
Joined: Wed Apr 20, 2016 9:53 am
Location: Ohio
Contact:

Re: Firefox Security Hole

Postby Kawasaki » Thu Dec 01, 2016 11:30 am

From what I am seeing, the bug was fixed yesterday evening.

https://bugzilla.mozilla.org/show_bug.cgi?id=1321066


Return to “Archive Chat”

Who is online

Users browsing this forum: No registered users and 24 guests

cron