Mozilla got word this Wednesday that a severe Firefox 0day vulnerability was being exploited by an ad on a Russian website. Although the company was swift in delivering a fix, they are now urging users to check that they are running version 39.0.3 or later to prevent hackers from gaining access to their sensitive data.
It looks like the vulnerability affected a non-privileged part of Firefox’s built-in PDF viewer, where hackers were able to inject JavaScript files. Since they are in the same origin policy as the local browser, hackers could then have the script search and upload data to a server located in Ukraine, as sources indicate.
Security specialists found that the exploit mainly targeted developer-focused content, though it was released to the general audience. However, the attack seems pretty neat because you can have a large number of audience on the website, but have data transferred from browsers with significant relevance. The guys looking into the hack found that it did not leave traces of it behind, which means that even experienced users may be unaware if they have been the victim of a hack or not.
Though the hack affected only Windows and Linux systems, Mac users should also be on guard, since the hack can also be modified to target Macintosh OS’ too.
Thank you Sci-Tech Today for providing us with this information
Image courtesy of Wikimedia
LIVE THE HORROR: An immersive disaster story aboard a stunningly realised North Sea oil rig,…
The Philips VA LED display uses an advanced multi-domain vertical alignment technology that gives you…
【TFT Screen: The Interactive Interface】This 75% mechanical keyboard comes equipped with a TFT Screen, serving…
FANDOM FUSION Play as your favorite characters and wield their unique weapons and skills. Team…
The Definitive Version of Shin Megami Tensei V - Fully evolved with stunning visuals for…
【Unique Split Design】5200mAh hand warmers rechargeable together with double-sided heating function, split snap swivel design,…