Archive for October, 2012

Firefox 16.0 Vulnerability

October 11, 2012 Leave a comment

My fellow system administrators out there, Mozilla has temporarily yanked Firefox 16. The latest browser version from Mozilla has been removed just a day after release after discovering a major security flaw.

“The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters,” Coates wrote, but noted that: “At this time we have no indication that this vulnerability is currently being exploited in the wild.”

According to the open-source software giant, the firm is “actively working on a fix and plan to ship updates tomorrow,” Mozilla’s director of security assurance Michael Coates.

In the meantime I urge everyone who has upgraded to 16.0 to downgrade back to 15.0.1 which is being offered now. Mozilla is expected to fix the issue and release 16.0.1 today Thursday.