Mozilla yanks Firefox 16 one day after release, claims flaw is now fixed

Mozilla yanks Firefox 16 one day after release, claims flaw is now fixed

Mountain View : CA : USA | Oct 11, 2012 at 1:16 PM PDT
Views: Pending

Mozilla released the latest version of their popular Firefox web browser on Tuesday, an update called Firefox 16 that promised fixes for all sorts of critical security flaws. Then on Wednesday Mozilla pulled Firefox 16 for having all sorts of critical security flaws.

To their credit, Mozilla claims to have fixed these flaws. As of Thursday afternoon, Mozilla had re-released Firefox 16, and that's the version now available for download on their home page. But I have to admit, I'm thinking twice before downloading it.

"Mozilla is aware of a security vulnerability in the current release version of Firefox," the company announced in a blog post to warn users of security flaws in Firefox 16. "We are actively working on a fix and plan to ship updates tomorrow. Firefox version 15 is unaffected."

They have since posted the updated, supposedly corrected version. "An update to Firefox for Windows, Mac and Linux was released at 12pm PT on Oct 11," an update to the post says. "Users will be automatically updated and new downloads via will receive the updated version." Indeed, if you go that page, you will get Firefox 16.0.1. See, it's already got upgrade numbers added onto the end!

A fix to the Android mobile version of Firefox 16 was released last night.

The security flaw allowed malicious websites to acquire your entire Firefox browsing history. That includes pages where you were logged in to a certain account, like for instance your Twitter account. A hacker could, exploiting this flaw, log in to your account as you without knowing your password.

How dangerous is it to run the flawed version of Firefox 16? The attack code that would allow malicious web sites to extract your browsing history is all over the internet. The code has been published on the blog Ars Technica. It's only eight little lines of code, and it could give a hacker access to your web browsing history and personal web accounts.

Mozilla claims that there was no evidence that any hackers managed to exploit this security flaw.

This is not the first time the Firefox browser was yanked immediately after release. In December 2011, Firefox 9 was also released, pulled back, and re-released in the span of a day. That problem was related to causing browser crashes, not exploitable security flaws.

Joe Kukura is based in San Francisco, California, United States of America, and is an Anchor on Allvoices.
Report Credibility
  • Clear
  • Share:
  • Share
  • Clear
  • Clear
  • Clear
  • Clear

News Stories

  • Security fear sees Firefox pulled

    The Firefox browser is used by millions worldwide The latest version of Mozilla's Firefox browser has been taken offline after a security vulnerability was discovered. Users who had upgraded to version 16 were advised to downgrade to the previous...
  • Mozilla fixes Firefox flaw

    We were quick to recognise the security vulnerability of Firefox 16 and took immediate action to temporarily remove the update from the current installer page," a spokesman from Mozilla told the BBC. "As a precaution we asked Firefox users to revert...

More From Allvoices

Report Your News Got a similar story?
Add it to the network!

Or add related content to this report

Use of this site is governed by our Terms of Use Agreement and Privacy Policy.

© Allvoices, Inc. 2008-2014. All rights reserved. Powered by PulsePoint.