TNTMAX: Top-rated software companies in New Jersey
Fred's Virtual Marathon Fundraiser
Call Us Today 201-891-8686


firefox logo

Mozilla Firefox Security Flaw

MozillaTuesday morning, a user identified a vulnerability on Mozilla Firefox that has the ability to search for sensitive PDF files and upload them to a server that is noted to be in the Ukraine. The exploit was first delivered by an advertisement on a news site originating in Russia. As of right now it can be delivered by any site that has been exploited.

“The vulnerability comes from the interaction of the mechanism that enforces JavaScript context separation (the “same origin policy”) and Firefox’s PDF Viewer. Mozilla products that don’t contain the PDF Viewer, such as Firefox for Android, are not vulnerable. The vulnerability does not enable the execution of arbitrary code but the exploit was able to inject a JavaScript payload into the local file context. This allowed it to search for and upload potentially sensitive local files.” –Daniel Veditz



Mozilla has issued security updates to solve this vulnerability. They recommend any Mozilla users to upgrade to Firefox 39.03.3 which they released on Thursday.

This particular exploit does not leave any evidence that it was there; because of this it is paramount to change any and all passwords on sensitive PDF files saved on your PC or server if you use FTP clients such as Filezilla.

The vulnerability affects both Linux and Windows, it does not affect those using Firefox mobile app for Android. Mac users are in the clear so far but Mozilla has stated that Apple’s OX is not untouchable if someone wanted to target it, and they usually do.

Click here for upgrade instructions from Mozilla.

Interested in Top-Notch Support?

Let’s work together today!

Get the outstanding IT support you need to help your business grow.
Find out more about our high quality service, and the many benefits you receive when partnering with TNTMAX.

Let's Work Together

Back To Top