Mozilla’s Firefox web browser is known for being a relatively safe piece of software, a fact, which is especially true, when this browser is compared to Internet Explorer. Still, every once in a while there’s a problem with security that pops up and this time it seems to be a big one.
Apparently a security researcher named Cody Crews has found a hole in the latest version of Firefox. But there’s more – the hole is actively exploited by a Russian news web site that has a malicious advertisement on it that searches for sensitive files on your computer and when it finds any content of interest it sends the content found to a server in Ukraine.
The problem affects all recent versions of Mozilla Firefox and has been fixed in version 39.0.3. The good news is that versions of the browser that do not include the PDF Reader, such as Firefox for Android, are not affected by this problem, which stems from the interaction of the mechanism that enforces JavaScript context separation and Firefox’s PDF Viewer. Mac users are also not affected as of now.
Fortunately the solution is easy – just update your Mozilla Firefox browser to the latest version and you will be fine.
Source: Zdnet.com