October 12, 2012
Mozilla Re-Releases Firefox 16 Update
Lee Rannals for redOrbit.com — Your Universe Online
Update (OCT 12, 2012 11:30AM): Mozilla has released an update for Firefox 16, fixing flaws that left the new Web browser vulnerable to attacks.
The company took down its latest Firefox browser update after it was discovered that hackers could use a hole in the software to determine which websites users have visited.
Yesterday afternoon, Mozilla released the Firefox 16.0.1 upgrade to users, patching up the flaws.
The company wrote in a blog post Wednesday night that it removed Firefox version 16 from the Mozilla installer page earlier Wednesday after a glitch was found that could allow hackers to view private search information.
“The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters,” Michael Coates, the director of security assurance, wrote in a blog post. “At this time we have no indication that this vulnerability is currently being exploited in the wild.”
Mozilla said it is working on a fix for the new browser and will be launching a new version of it on Thursday.
The company advised those who have already downloaded Firefox 16 to downgrade to the previous version of Firefox 15.0.1 by visiting its Firefox Web site.
If users do not want to downgrade they can also wait for the company to push out its next update for Firefox 16.
The code sample only took about 10 seconds to reveal the username, and it wouldn't be hard for hackers to expand on that for more extravagant attacks.