Mercedes SLK World banner

1 - 9 of 9 Posts

·
Administrator 2009 SLK 55 AMG/Founding Member 2006
Joined
·
97,249 Posts
Discussion Starter #1
From WordPress
Emergency Bulletin: Firefox 0 day in the wild. What to do.
This entry was posted in General Security on November 30, 2016 by mark 62 Replies
We’re publishing this as an emergency bulletin for our customers and the larger web community. A few hours ago a zero day vulnerability emerged in the Tor browser bundle and the Firefox web browser. Currently it exploits Windows systems with a high success rate and affects Firefox versions 41 to 50 and the current version of the Tor Browser Bundle which contains Firefox 45 ESR.

If you use Firefox, we recommend you temporarily switch browsers to Chrome, Safari or a non-firefox based browser that is secure until the Firefox dev team can release an update. The vulnerability allows an attacker to execute code on your Windows workstation. The exploit is in the wild, meaning it’s now public and every hacker on the planet has access to it. There is no fix at the time of this writing.

Currently this exploit causes a workstation report back to an IP address based at OVH in France. But this code can likely be repurposed to infect workstations with malware or ransomware. The exploit code is now public knowledge so we expect new variants of this attack to emerge rapidly.

This is a watering hole attack, meaning that a victim has to visit a website that contains this exploit code to be attacked. So our forensic team is keeping an eye on compromised WordPress websites and we expect to see this code show up on a few of them during the next few days. An attackers goal would be to compromise workstations of visitors to WordPress websites that have been hacked.
 

·
Super Moderator CA 2012 SLK55 AMG w/P30
Joined
·
13,727 Posts

·
Administrator 2009 SLK 55 AMG/Founding Member 2006
Joined
·
97,249 Posts
Discussion Starter #3
this alert came from site support btw
 

·
Super Moderator CA 2012 SLK55 AMG w/P30
Joined
·
13,727 Posts
still can't find anything. Got a link?
 

·
Administrator 2009 SLK 55 AMG/Founding Member 2006
Joined
·
97,249 Posts
Discussion Starter #6
link above in his post
 

·
Super Moderator CA 2012 SLK55 AMG w/P30
Joined
·
13,727 Posts

·
Registered
Joined
·
579 Posts
Firefox 50.0.2 has been posted with a security patch.
https://www.mozilla.org/en-US/firefox/50.0.2/releasenotes/

To update or check current version, click Menu Bar on [HELP] then [About Firefox]
(if menu bar is not visible, hit F10 function key).
or
shortcut keys; [Alt + H] > [A]
or
Hit hamburger icon (3 horizontal lines) in upper right corner, click on "?" and [About Firefox]

======================

For OSX (mac) users, [About Firefox] is accessed via [Firefox] in upper left-hand corner.
 
1 - 9 of 9 Posts
Top