Security Market Segment LS
Sunday, 09 August 2015 22:52

URGENT: Update your Firefox browser NOW Featured

By
Update your FIREFOX BROWSER NOW Update your FIREFOX BROWSER NOW

If you’re using Firefox, a new exploit found in the wild uploading sensitive files to a server in Ukraine needs patching with the latest version of Mozilla’s browser NOW.

Mozilla has issued a blog post and a security advisory that you need to know about.

On the 5th of August, a Firefox user informed Mozilla that ‘an advertisement on a news site in Russia was serving a Firefox exploit that searched for sensitive files and uploaded them to a server that appears to be in Ukraine.’

Naturally, Mozilla has urged its users to update to Firefox 39.0.3, Firefox OS 2.2 (on Firefox phones) and Firefox ESR 38.1.1, which fixes the vulnerability.

Mozilla’s blog post explains that ‘the vulnerability comes from the interaction of the mechanism that enforces JavaScript context separation (the “same origin policy”) and Firefox’s PDF Viewer.’

In case you’re wondering, Mozilla explains that its ‘products that don’t contain the PDF Viewer, such as Firefox for Android, are not vulnerable.’

On Mac OS X, start Firefox, click on the bold word Firefox next to the Apple symbol at the top left hand corner, and click on 'About Firefox'. This will check for udpates and will show you the current version number. If any updates are available, they will commence downloading, after which you will be prompted to restart Firefox to complete the update. 

Firefox should be automatically set to install security updates, but if you have older versions there's no guarantee you have this setting on. 

On Windows, start Firefox. If you have a dropdown Firefox menu at the top left hand corner of the Firefox browser window, you definitely have an older version.

If you see this version, select Help and then click on 'About Firefox.'

If you have a newer version, you won't see the dropdown Firefox menu on the left, but you will see the three line 'hamburger menu' on the end right hand side on the icons to the right of the address bar and the search box.

To immediately and manually check for updates, click on the three line hamburger menu icon again, and then at the bottom of the menu, click on the 'question mark' symbol.

This brings up the help menu options, at the bottom of which is 'About Firefox'. Do this and the same checking for updates sequence will occur as with Mac OS X, showing you the version number and downloading any updates that are available, after which you will be prompted to 'Restart to Update'. 

On the PC and Mac versions of Firefox, you can also click the three line hamburger icon and you'll see menu pop-up. At the bottom is 'options', which loads the preferences/options page in 'General'. On the left hand side of the screen, you'll see a list of settings headings.

The last one is called 'Advanced', which when clicked on gives you opens the advanced settings, which includes an 'updates' heading. Click it and you should see that 'Automatically install updates (recommended: improved security)' is selected and that 'Warn me if this will disable any of my add-ons' is ticked. 

This should keep you updated automatically but if you haven't been using Firefox for a while it's a good idea to do a manual check just to be sure.

Mozilla advises that ‘the exploit leaves no trace it has been run on the local machine. If you use Firefox on Windows or Linux it would be prudent to change any passwords and keys found in the above-mentioned files if you use the associated programs. People who use ad-blocking software may have been protected from this exploit depending on the software and specific filters being used.’

For additional technical details, please visit the blog post and the security advisory.


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Alex Zaharov-Reutt

Alex Zaharov-Reutt is iTWire's Technology Editor is one of Australia’s best-known technology journalists and consumer tech experts, Alex has appeared in his capacity as technology expert on all of Australia’s free-to-air and pay TV networks on all the major news and current affairs programs, on commercial and public radio, and technology, lifestyle and reality TV shows. Visit Alex at Twitter here.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments