Security Market Segment LS
Sunday, 09 August 2015 22:52

URGENT: Update your Firefox browser NOW Featured

By
Update your FIREFOX BROWSER NOW Update your FIREFOX BROWSER NOW

If you’re using Firefox, a new exploit found in the wild uploading sensitive files to a server in Ukraine needs patching with the latest version of Mozilla’s browser NOW.

Mozilla has issued a blog post and a security advisory that you need to know about.

On the 5th of August, a Firefox user informed Mozilla that ‘an advertisement on a news site in Russia was serving a Firefox exploit that searched for sensitive files and uploaded them to a server that appears to be in Ukraine.’

Naturally, Mozilla has urged its users to update to Firefox 39.0.3, Firefox OS 2.2 (on Firefox phones) and Firefox ESR 38.1.1, which fixes the vulnerability.

Mozilla’s blog post explains that ‘the vulnerability comes from the interaction of the mechanism that enforces JavaScript context separation (the “same origin policy”) and Firefox’s PDF Viewer.’

In case you’re wondering, Mozilla explains that its ‘products that don’t contain the PDF Viewer, such as Firefox for Android, are not vulnerable.’

On Mac OS X, start Firefox, click on the bold word Firefox next to the Apple symbol at the top left hand corner, and click on 'About Firefox'. This will check for udpates and will show you the current version number. If any updates are available, they will commence downloading, after which you will be prompted to restart Firefox to complete the update. 

Firefox should be automatically set to install security updates, but if you have older versions there's no guarantee you have this setting on. 

On Windows, start Firefox. If you have a dropdown Firefox menu at the top left hand corner of the Firefox browser window, you definitely have an older version.

If you see this version, select Help and then click on 'About Firefox.'

If you have a newer version, you won't see the dropdown Firefox menu on the left, but you will see the three line 'hamburger menu' on the end right hand side on the icons to the right of the address bar and the search box.

To immediately and manually check for updates, click on the three line hamburger menu icon again, and then at the bottom of the menu, click on the 'question mark' symbol.

This brings up the help menu options, at the bottom of which is 'About Firefox'. Do this and the same checking for updates sequence will occur as with Mac OS X, showing you the version number and downloading any updates that are available, after which you will be prompted to 'Restart to Update'. 

On the PC and Mac versions of Firefox, you can also click the three line hamburger icon and you'll see menu pop-up. At the bottom is 'options', which loads the preferences/options page in 'General'. On the left hand side of the screen, you'll see a list of settings headings.

The last one is called 'Advanced', which when clicked on gives you opens the advanced settings, which includes an 'updates' heading. Click it and you should see that 'Automatically install updates (recommended: improved security)' is selected and that 'Warn me if this will disable any of my add-ons' is ticked. 

This should keep you updated automatically but if you haven't been using Firefox for a while it's a good idea to do a manual check just to be sure.

Mozilla advises that ‘the exploit leaves no trace it has been run on the local machine. If you use Firefox on Windows or Linux it would be prudent to change any passwords and keys found in the above-mentioned files if you use the associated programs. People who use ad-blocking software may have been protected from this exploit depending on the software and specific filters being used.’

For additional technical details, please visit the blog post and the security advisory.


Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Alex Zaharov-Reutt

Alex Zaharov-Reutt is iTWire's Technology Editor is one of Australia’s best-known technology journalists and consumer tech experts, Alex has appeared in his capacity as technology expert on all of Australia’s free-to-air and pay TV networks on all the major news and current affairs programs, on commercial and public radio, and technology, lifestyle and reality TV shows. Visit Alex at Twitter here.

Share News tips for the iTWire Journalists? Your tip will be anonymous

VENDOR NEWS