Browser zero day: Update your Firefox right now!

2020-01-09 14:00

Just two days after releasing Firefox 72, Mozilla has issued an update to patch a critical zero-day flaw.

Some Linux distros and many businesses stick to Firefox's Extended Support Release because it gets security fixes at the same pace as the regular version, but doesn't force you to take on new features at every update.

Importantly, the browser that comes with Tor, the privacy-enhancing software bundle that helps you browse without being tracked, is a special build of Firefox ESR. Unfortunately, Tor only updated within the last 24 hours to the 68.4.0esr version of Firefox's code, and hasn't got its 68.4.1esr update out yet.

The Tor site currently says, "We are planning to release version 9.0.4 of Tor Browser picking up this fix soon," so keep your eyes out for an update - a zero-day attack that works against the browser in Tor could undo the anonmyity and privacy that made you choose Tor in the first place.

The Tor project tweeted the availability of its own update at 2020-01-10T15:00Z.The updated Tor version is 9.0.4, based on Firefox 68.4.1esr.

News URL

https://nakedsecurity.sophos.com/2020/01/09/browser-zero-day-update-your-firefox-right-now/

#browser #firefox #zeroday