Security Vulnerability Found In Firefox 16 Allows Attackers User Site Visit History

Firefox 16 about dialog - with security vulnerability

Firefox 16 final version was released by Mozilla two days ago. Surprisingly, the download for Firefox 16 has been taken down due to a potential vulnerability found in the browser. If you go to the Firefox download page, you will be able to download Firefox 15.0.1 instead of version 16.

According to Mozilla security blog,

The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters.  At this time we have no indication that this vulnerability is currently being exploited in the wild.

Mozilla says that the vulnerable installer has been removed from the download page. You will get Firefox 15 instead of 16 when you download the browser. Firefox 15 is not affected by this vulnerability.

The company is working on fixing the vulnerability and will hopefully deliver the patch today. In the mean time, if you are a Firefox user, you may start using another browser like Google Chrome or Internet Explorer until Mozilla updates the latest Firefox build.

You can also downgrade Firefox 16 to version 15 by downloading and installing Firefox 15 on top of the latest installed browser. If you have silent updates enabled in Firefox, you will get the latest update automatically.

One thought on “Security Vulnerability Found In Firefox 16 Allows Attackers User Site Visit History

Post Comment