IMPORTANT. Update Firefox on Windows NOW

admin · Post by **b0b** » 30 Nov 2016 9:00 am

Emergency announcement. Windows Firefox users should switch to a different browser right away.

For details, read
www.wordfence.com/blog/2016/11/emergenc ... 0-day-wild

UPDATE

Wordfence wrote:Update at 2:32pm PST / 5:32pm EST: Firefox released a fix for this a few minutes ago. Update to Firefox 50.0.2 now to patch this vulnerability. Tor have also released a fix with version 6.0.7 of their browser.There is also a Thunderbird fix out, version 45.5.1.

Jon Light · Post by **Jon Light** » 30 Nov 2016 9:36 am

Ok. That was startling. Done (switched to Chrome.)
Been on FF for around 6 hours today including an update this morning. Wonder how to tell if I've been bugged.

Wiz Feinberg · Post by **Wiz Feinberg** » 30 Nov 2016 9:38 am

This 0-day is targeting a specialized version of Firefox, known as the Tor Browser. It is redirecting Tor users to a now offline server in France. This is a JavaScript exploit, which is fairly common in the cybercrime underworld. Firefox users who have the NoScript Add-on enabled will not be impacted, whether on the Dark Web (Tor) or the Bright Web.

As is typical, Mozilla will release a patch to everybody after analyzing the exploit code. Tor Browser will probably get a fix first.

Tor Onion websites are fraught with danger anyway.

Wiz Feinberg · Post by **Wiz Feinberg** » 30 Nov 2016 9:43 am

Jon Light wrote:Ok. That was startling. Done (switched to Chrome.)
Been on FF for around 6 hours today including an update this morning. Wonder how to tell if I've been bugged.

Did you visit any Onion websites on Tor? Are you using the Firefox Tor browser?

Jon Light · Post by **Jon Light** » 30 Nov 2016 10:26 am

Nope and nope.

Mike DiAlesandro · Post by **Mike DiAlesandro** » 30 Nov 2016 1:59 pm

Randy Schneider · Post by **Randy Schneider** » 30 Nov 2016 2:51 pm

Firefox for Windows update (50.0.2) is now available. If you don't want to wait for it to be pushed to you, in FF go to 'help / about' and the new version will be downloaded.

Wiz Feinberg · Post by **Wiz Feinberg** » 30 Nov 2016 4:03 pm

Happy about the update, but this zero-day was specifically written to expose the location of users of the Dark Web (Tor). There was no malicious code involved, just IP leakage. See this Malwarebytes article for more details.

Randy Schneider · Post by **Randy Schneider** » 30 Nov 2016 4:37 pm

Yes, this particular exploitation of the hole in FF was used for that purpose. The bigger concern was that once the vulnerability had been made public, other malicious payloads could/would take advantage of the now-known problem in Firefox and be delivered for purposes other than the Tor exposure. That is why FF needed to patch it so quickly.

admin · Post by **b0b** » 30 Nov 2016 4:51 pm

Update from Wordfence:

Update at 2:32pm PST / 5:32pm EST: Firefox released a fix for this a few minutes ago. Update to Firefox 50.0.2 now to patch this vulnerability. Tor have also released a fix with version 6.0.7 of their browser.There is also a Thunderbird fix out, version 45.5.1.

Randy Schneider · Post by **Randy Schneider** » 30 Nov 2016 4:54 pm

And thanks for letting us know about the problem this morning b0b. I hadn't heard about it before your post.

Ray Minich · Post by **Ray Minich** » 30 Nov 2016 5:44 pm

Thanks b0b for the update info.

Didn't see anything on reddit or digg about this today so I really appreciate the guidance.

Thanks again.

PS: I wonder how many others start their forum browsing in "Steel Players"?

Earnest Bovine · Post by **Earnest Bovine** » 1 Dec 2016 9:00 am

The updates for Firefox (50.0.2)and Tor (6.0.7) have been available since yesterday afternoon Nov 30.