Mozilla: Firefox Bug Could Secretly Search, Upload Your Files
In a blog post yesterday, Mozilla said it released a security patch to fix the vulnerability, and is urging Firefox users on computers running Windows and Linux to update to Firefox 39.0.3 (you can do that by clicking here).
The company says a Firefox user found an ad on a general news site in Russia that was serving the bug up, which would then search for sensitive files and upload them to a server that appears to be in Ukraine.
“The files it was looking for were surprisingly developer focused for an exploit launched on a general audience news site, though of course we don’t know where else the malicious ad might have been deployed,” Mozilla notes.
At this point, Mozilla products that don’t contain its PDF viewer, like Firefox for Android, aren’t vulnerable. Mac users aren’t affected either, though they “would not be immune should someone create a different payload,” Mozilla adds. You also may be safe if you use ad-blocking software.
Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.