Authored by a Symantec employee
A new bug discovered in the Firefox web browser could allow attackers to gain access to files stored on a computer through malicious code injected into the browser’s built-in PDF viewer. Researchers first discovered attackers exploiting the weak spot in Firefox through a malicious advertisement on a news site in Russia that searched for sensitive user files and uploaded them to a remote server.
As news of the vulnerability in Firefox spreads, it is likely that other attackers will now try to take advantage of it before users download a patch. Luckily, Mozilla has already released a patch and Firefox users are advised to update to the latest version of Firefox (39.0.3) immediately.
Here’s how to do a manual update for Firefox:
On the menu bar click the Firefox menu and select About Firefox.
The About Firefox window will open and Firefox will begin checking for updates and downloading them automatically.
When the updates are ready to be installed, click Restart Firefox to Update.
Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.
© 2017 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the Lockman Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Google Chrome is a trademark of Google, Inc. Mac, iPhone and iPad are trademarks of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.