Firefox 0day in the wild is being used to attack Tor users

Publicly released exploit works reliably against a wide range of Firefox versions. There’s a zero-day exploit in the wild that’s being used to execute malicious code on the computers of people using Tor and possibly other users of the Firefox browser, officials of the anonymity service confirmed Tuesday.

Word of the previously unknown Firefox vulnerability first surfaced in this post on the official Tor website. It included several hundred lines of JavaScript and an introduction that warned: “This is an [sic] JavaScript exploit actively used against TorBrowser NOW.” Tor cofounder Roger Dingledine quickly confirmed the previously unknown vulnerability and said engineers from Mozilla were in the process of developing a patch.

firefox-tor

(Visited 75 times, 1 visits today)