![]() ![]() ![]() By the time it was discovered, it was already being used to de-anonymize Tor Browser users. The issue comes from an object nsSMILTimeContainer that is used to produce the SVG animation in Firefox. The Tor Project rushed to issue and emergency update for its Tor Browser and now we have an update from Mozilla. ![]() The vulnerability was disclosed on a public Tor Project mailing list on Tuesday. However, if users cannot wait, they can download the above mentioned software versions directly from the company's website and install the same manually. According to Mozilla's security team, the browser should get automatically updated at some point over the next 24 hours. The new updates are tagged as Firefox 50.0.2, Firefox ESR 45.5.1, and Thunderbird 45.5.1 respectively. After a day of it being reported, Mozilla has released an update that patches a zero-day vulnerability which was not just present, but was actively exploiting Tor Browser users because it happens to be built on the same open source Firefox code. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |