Update Firefox ASAP: Mozilla Just Patched a Bug That Allows Data Theft
Firefox users are being urged to update to version 39.0.3 (or 38.1.1 for Enterprise users) following the discovery of a vulnerability that could allow attackers to steal your data without you ever knowing about it.
It all started when a Firefox user notified Mozilla that a malicious ad on a Russian news site was exploiting the vulnerability to sniff out & steal sensitive files from victim’s machines. All the victim had to do was visit a website housing the exploit and BAM –the files are quietly uploaded to a remote server.
The attack appeared to be primarily focused on collecting developer-related data (i.e. FTP configuration files, subversion, and the like) from Windows & Linux computers. Macs were not targeted, however that’s not to say they aren’t vulnerable – data could easily be stolen if someone were to create an exploit that included them.
The bug has been patched and users that value the security of their data should update to the latest version of Firefox (39.0.3 or ESP 38.1.1) ASAP.