Mozilla Firefox, the most widely used web browser, has a critical bug that allows data leakage and password theft.
Hackingloops recommends that you update your Firefox browser without any delay and make sure you are running Firefox version 39.0.3.
Data theft is just what Mozilla warned about in a blog post published on 06 August 2015, when it announced a critical update for Firefox.
This bug is classed as an information disclosure, which means it opens security holes that allow confidential information to be leaked and passwords to be stolen, potentially leading to identity theft.
The bug is not, however, known to enable remote code execution, which would let an attacker implant malware on your computer without detection.
Firefox PDF Bug
The security hole is found in Mozilla Firefox's own built-in PDF viewer. The PDF viewer is not implemented as a plugin or extension; it is client-side JavaScript that lets the user view a PDF inside the browser without any external plugin. This viewer is known as PDF.js.
However, the bug is not known to allow RCE (remote code execution) that would let the attacker run malicious code in the browser, and hence it cannot be used to install malware.
How Hackers are Targeting the Firefox PDF Bug
The Firefox PDF bug can cause the Firefox browser to load malicious JavaScript from an external source and run it as if the user had loaded it locally. An attacker can use this bug to load JavaScript into your browser that uploads files from your computer to a remote server without any prompt or interaction from the user.
So even if no malware is downloaded to your machine, the attacker can still upload files from it and steal critical data from your computer.
The Firefox PDF bug is also a violation of the same-origin policy
Under the same-origin policy, script served from one origin (scheme, host and port) should not be able to read data belonging to another origin, let alone files on the local disk. Due to the Firefox PDF bug, files from your computer are taken anyway, clearly violating the same-origin policy. According to Mozilla, hackers have already started exploiting this bug.
So now the advertisement you see on your favorite news site could be stealing files from your system.