There’s a new Firefox vulnerability, but you can fix it


A day before news broke that Russian hackers were able to access part of the Joint Chief’s email at the Pentagon, a Firefox user found a vulnerability that could send your sensitive files to a server in the Ukraine.

A Firefox user told the company Wednesday that there was an ad on a Russian news site that uses JavaScript and Firefox’s PDF Viewer to get access to your system, according to Mozilla.

Read more: Google wants to sequence your DNA on

Here’s an easy fix

Mozilla said it is not sure where the ad came from originally and that products that don’t use the PDF Viewer are not vulnerable.

One issue is that the program leaves no trace that it has been run on a machine. 

So how can you fix the flaw?

Read more: Credit freeze is real answer to LifeLock question

The hackers were looking for FTP configuration files, subversion, .purple among other account information on Windows systems. On Linux, the flaw looked for global configuration files and user directories, The Next Web reported. Macs were not targeted, as far as experts found.

Mozilla says you need to update to the latest version: Firefox 39.0.3 or Firefox ESR 38.1.1. The updates have the latest security features and fix the flaw.

NBC News on Thursday reported that Russian hackers released a cyber attack against the Pentagon’s Joint Chief of Staff employees’ unclassified email system around July 25.


About 4,000 military and civilian personnel who work for the Joint Chiefs of Staff were targeted. 

Pentagon officials said no classified information was seized or compromised.

Read more: Cheap way to hire a private detective online

  • Show Comments Hide Comments