Just one day after Mozilla debuted the latest version of the Firefox browser, complete with a nifty new developer's toolbar feature, the release has been pulled due to concerns over a vulnerability that could jeopardize user privacy.
"Mozilla is aware of a security vulnerability in the current release version of Firefox (version 16). We are actively working on a fix and plan to ship updates [Thursday]. Firefox version 15 is unaffected," warned Michael Coates, Mozilla's Director of Security Assurance.
Firefox is one of the most popular browsers in the marketplace, with users numbering in the neighborhood of 450 million across the globe. The bug identified in the latest upgrade could potentially expose user's browsing history, according to the company.
"The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters. At this time we have no indication that this vulnerability is currently being exploited in the wild," Coates continued.
The UK-based nonprofit has temporarily nixed the download option for Firefox 16, and is recommending that those who have already installed the new version discontinue use and return to the previous edition until the bug can be fixed.
"Firefox 16 has been temporarily removed from the current installer page and users will automatically be upgraded to the new version as soon as it becomes available. As a precaution, users can downgrade to version 15.0.1 by following these instructions [http://www.mozilla.org/firefox/new/]. Alternatively, users can wait until our patches are issued and automatically applied to address the vulnerability," Coats advised users.
Mozilla also found the vulnerability in Firefox 16 for Android systems, but a patched version of the browser is already available for download.
- About Corero
- Investor Relations
- News Room
- Executive Management Team
- Corero Offices
- Contact Us