Take the pledge to vote

For a better tommorow#AajSawaroApnaKal
  • I agree to receive emails from News18

  • I promise to vote in this year's elections no matter what the odds are.
  • Please check above checkbox.

    SUBMIT

Thank you for
taking the pledge

Vote responsibly as each vote counts
and makes a diffrence

Disclaimer:

Issued in public interest by HDFC Life. HDFC Life Insurance Company Limited (Formerly HDFC Standard Life Insurance Company Limited) (“HDFC Life”). CIN: L65110MH2000PLC128245, IRDAI Reg. No. 101 . The name/letters "HDFC" in the name/logo of the company belongs to Housing Development Finance Corporation Limited ("HDFC Limited") and is used by HDFC Life under an agreement entered into with HDFC Limited. ARN EU/04/19/13618
Tech
  • Municipal Corporations 9/10
  • TRS 8
  • INC 0
  • BJP 1
  • AIMIM 0
  • OTH 0
  • MUNICIPALITIES 114/120
  • TRS 96
  • INC 9
  • BJP 3
  • AIMIM 2
  • OTH 4
Refresh Data
News18 » Tech
1-min read

Firefox user? You need to update immediately

The security flaw does not enable execution of arbitrary code but allow injecting a JavaScript payload into the local file context; allowing for search and upload potentially sensitive local files.

News18.com

Updated:August 8, 2015, 8:38 AM IST
facebookTwitter Pocket whatsapp
Firefox user? You need to update immediately
The security flaw does not enable execution of arbitrary code but allow injecting a JavaScript payload into the local file context; allowing for search and upload potentially sensitive local files.

New Delhi: A major security flaw has been discovered in Mozilla’s Firefox web browser that could potentially compromise users’ sensitive files and upload them to servers in Ukraine.

A Firefox user found an advertisement on a news site in Russia which was serving the Firefox exploit.

The company explains in its blog that the bug comes from the interaction of the mechanism that enforces JavaScript context separation (the “same origin policy”) and Firefox’s PDF Viewer. Mozilla’s products that don’t contain the PDF Viewer, such as Firefox for Android, are not vulnerable to the threat.

The security flaw does not enable execution of arbitrary code but allow injecting a JavaScript payload into the local file context; allowing for search and upload potentially sensitive local files.

The particular ad in question was looking for develop focused files on a users’ system. It affects both Windows and Linux users, but Mac users are not targeted by this particular exploit. The bug could potentially change passwords and keys in the developer focused files. Those who use ad-blocking software and special filters might have been protected too.

The company has issued a patch for the vulnerability and all Firefox users are suggested to update to Firefox 39.0.3. The fix has also been shipped in Firefox ESR 38.1.1.

Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, Telegram, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.

Read full article
Next Story
Next Story

facebookTwitter Pocket whatsapp

Live TV

Countdown To Elections Results
To Assembly Elections 2018 Results