
Firefox exploit found in the wild, update now

After being contacted by a user on August 5, Mozilla has discovered and already built patches for a rather serious exploit. Anyone on the Firefox Extended Support release via their school or business should upgrade to version 38.1.1.


“The vulnerability comes from the interaction of the mechanism that enforces JavaScript context separation (the “same origin policy”) and Firefox’s PDF Viewer”, Mozilla wrote on its blog.

The campaign was uncovered by Mozilla security lead Daniel Veditz in a blog post.

While the vulnerability does not allow remote code execution, it does enable attackers to inject a JavaScript payload into the local file context. Still, Mozilla urged all Firefox users to update their browsers to version 39.0.3. A user in the Russian Federation this week found and disclosed an exploit for the bug that searches for sensitive files and uploads them to a remote server.

In the case of Windows, attackers “looked for subversion, s3browser, and Filezilla configuration files, .purple and Psi+ account information, and site configuration files from eight different popular FTP clients”, he added. Firefox users, it’s time to update your browser. Apple customers are usually not affected by the actual exploit noticed “in the wild”; however, Mozilla stated they “wouldn’t be immune should somebody create a unique payload”, referring to the malicious code that looks for and uploads information.

The most interesting part about this whole exploit is that it leaves no trace of its existence on your machine, so you would never know if you were the victim of these data vampires.


A Firefox user found an advertisement on a news site in the Russian Federation which was serving the Firefox exploit. It is possible that those who use ad-blocking software might be protected from this exploit, but if you want to make certain that you are protected, follow these simple steps. Linux and Windows users must also change passwords and SSH keys if they used any of these programs.
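For anyone checking more than one machine, here is a small triage script, added as an example and not taken from Mozilla or from the original article, that compares collected Firefox version strings against the two fixed versions named above (39.0.3 and ESR 38.1.1). It assumes the strings look like the output of `firefox --version` with ESR builds carrying an `esr` suffix; the host names and inventory are constructed sample data.

```python
import re

# Fixed versions named in the article.
FIXED_RELEASE = (39, 0, 3)
FIXED_ESR = (38, 1, 1)

# Assumption: strings resemble `firefox --version` output, and ESR builds
# carry an "esr" suffix (e.g. "Mozilla Firefox 38.1.0esr").
VERSION_RE = re.compile(r"Firefox\s+(\d+(?:\.\d+){0,2})(esr)?\b", re.IGNORECASE)

# Constructed sample inventory: host name -> collected version string.
SAMPLE_INVENTORY = {
    "ws-01": "Mozilla Firefox 39.0",
    "ws-02": "Mozilla Firefox 39.0.3",
    "lab-07": "Mozilla Firefox 38.1.0esr",
    "lab-08": "Mozilla Firefox 38.1.1esr",
    "kiosk-3": "firefox: command not found",
}


def parse_version(banner):
    """Return ((major, minor, patch), is_esr), or None if unparseable."""
    match = VERSION_RE.search(banner)
    if not match:
        return None
    parts = [int(p) for p in match.group(1).split(".")]
    parts += [0] * (3 - len(parts))  # pad "39.0" to (39, 0, 0)
    return tuple(parts), match.group(2) is not None


def needs_update(banner):
    """True if below the fixed version for its channel, None if unknown."""
    parsed = parse_version(banner)
    if parsed is None:
        return None
    version, is_esr = parsed
    return version < (FIXED_ESR if is_esr else FIXED_RELEASE)


def triage(inventory):
    """Map each host to 'update', 'ok' or 'unknown'."""
    labels = {True: "update", False: "ok", None: "unknown"}
    return {host: labels[needs_update(b)] for host, b in inventory.items()}


if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}: {status}")
```

Hosts reported as `unknown` need a manual check, since a missing or unreadable version string says nothing about whether the browser is patched.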
