firefox

If you use Firefox, update now, there is a security problem

On the mozilla blog they have announced that a security problem has been discovered that affects all versions of Firefox that have not been updated to the latest version, 39.0.3, published yesterday at this link.

The problem was detected thanks to a user who saw an ad on a Russian news website that took advantage of the error, a problem that was able to search for files and upload them to a Ukrainian server without the user noticing.

The vulnerability occurs because of a JS issue in PDF viewer, so Mozilla products that do not contain PDF Viewer, such as Firefox for Android, are not vulnerable. The problem does not allow arbitrary code to run, but it was able to use JavaScript to search for local files and upload them to the aforementioned server.

It is not known if the ad that was shown in Russia only appeared on that news website or if they have published the banner elsewhere, but it has been found that it was in charge of searching for different files depending on the victim's operating system:

– On Windows: I was looking for subversion files, s3browser and Filezilla, .purple and Psi + configuration files, as well as configuration files from eight different popular FTP clients. – On Linux: I was looking for common global configuration files, like / etc / passwd, as well as content in .bash_history, .pgsql_history, .ssh configuration files, .mysql_history configuration files for Remina, Filezilla, and Psi +, etc.

Mac users do not have to worry about this particular case, but some kind of loading could be done, so updating is also advised.

The problem leaves no trace, we cannot know if it has been run on the local machine, so if you use Firefox on Windows or Linux it would be wise to change the passwords and keys found in the files mentioned in your article.