Firefox Users Need to Update Their Browsers NOW

By James O Malley on at

If you're reading this on Firefox stop what you're doing and install updates on your browser right this instant, and that's an order. Go to Help, then select "About Firefox", and then hit the "Check for Updates" button to make sure you've got the latest version.

The reason for this is because developer Mozilla has announced that an exploit aimed at stealing your data has been spotted in the wild on the adverts on a Russian news website - and could potentially turn up on other websites too. The fact that the exploit is out there on the internet is significant, as it means that it isn't like what happens sometimes when bugs are found and patches are released as only a precautionary measure.

In a blog post Mozilla says that the exploit makes use of a hole in Firefox's PDF viewer - so if you're using a version of Firefox that doesn't have a viewer built in, such as Firefox for Android, you're fine.

What the exploit tries to do is very clever. Essentially, if it manages to get into your Windows computer it will search through and look for files containing passwords from a number of popular FTP apps, as well as text files with "pass" or "access" in the name. Presumably it will send anything it finds back to its creators.

The exploit in its current form will only work on Windows computers, though there's no reason why it couldn't be rewritten to use the same hole on Macs too. So it is a good idea to update all round. [Mozilla]