Mozilla announced that a major security flaw in Firefox has been discovered through an advertisement in a Russian news site. The vulnerability will let the malware search for important files in the victim’s computer and will then reportedly upload them to a server hosted in Ukraine.
The Malware leaves no traces of it:
The effect of the attack gives the attacker the ability to bypass the Firefox security and inject a malicious script that searches for files which stores passwords that are stored in the browser itself and are used in many FTP programs. Moreover, in all accesses that carried the page where the malicious ad was present, the malware did not leave traces, according to Mozilla.
It has been discovered that the major security flaw in Firefox will affect Windows and Linux users only, but the hackers could also attack the Mac users. So Mozilla is also requesting the Apple system users to upgrade their system with the latest version of Firefox.
Even users who have not visited the Russian news site that had the announcement should also upgrade their browsers, because it is not known if the ad was deployed to other internet sites.
Mozilla also made it clear that Firefox for Android and other Mozilla products that lack an integrated PDF reader does not have the security flaw and cannot be affected by this attack.
The company is already sending the update to all the browsers, but users who have not yet received the update notification to the 39.0.3 version can do it manually by accessing the official website of Mozilla and protect themselves from the major security flaw in Firefox.