There’s a Firefox Exploit in the Wild—You Should Update Right Now

By Jamie Condliffe Published August 7, 2015, 6:30 am ET

Reading time 1 minute

Mozilla has published a blog post explaining that a Firefox exploit is running in the wild that can search for and upload files from your computer—but you can install and update to solve the problem right now.

Mozilla expalins that the vulnerability “comes from the interaction of the mechanism that enforces JavaScript context separation (the “same origin policy”) and Firefox’s PDF Viewer” That means that software without the PDF Viewer, like Firefox for Android, isn’t affected — but desktop versions are. The exploit, which seems to use a server in Ukraine, injects JavaScript to search your computer and potentially upload files. It leaves no trace on a computer to suggest that anything has happened.

But don’t panic! Firefox has already released security updates to fix it. That means you should update to Firefox 39.0.3 right now.

[Mozilla]

Image byHåkan Dahlström

Explore more on these topics

Share this story

Sign up for our newsletters

Subscribe and interact with our community, get up to date with our customised Newsletters and much more.

There’s a Firefox Exploit in the Wild—You Should Update Right Now

Sign up for our newsletters

Latest news

Ahead of the SpaceX IPO, xAI Has Now Shed All 11 of Its Non-Elon Musk Founders

Do ‘Disclosure Day’ Prep With a Spielberg Sci-Fi Marathon

How to Watch the F1 Japanese GP 2026 on a Free Channel

Ranking 2016’s Superhero Debuts, 10 Years Later

Fourth Most Populous Country in the World Bans Most Social Media for Kids

How to watch UFC Fight Night Adesanya vs Pyfer live this Saturday

‘Steel Ball Run’ Will Return This Year…Eventually

‘The Mummy 4’ Is Getting the Family Back Together

Latest Reviews

Sonos Play Review: Call It a Comeback

Sonos Era 100 SL Review: The Cheapest Way Into Wired Sonos Sound

Asus ROG’s Massive Swift OLED Gaming Monitor Epitomizes Excess in the Best Way

The Ikea Varmblixt Smart Lamp Fills a Donut Hole in My Life

Nothing Headphone A vs. Headphone 1: Which Pair of ANC Wireless Headphones Wins?

Asus ROG’s Cetra Open Wireless Gaming Earbuds Might Be Better Than Wearing a Headset

Nintendo’s Talking Flower Is Annoying as Hell. I Love It

Level Lock Pro Review: As Good as a Secret Smart Lock Gets

Related Articles

There’s a Firefox Exploit in the Wild—You Should Update Right Now

Sign up for our newsletters

Ahead of the SpaceX IPO, xAI Has Now Shed All 11 of Its Non-Elon Musk Founders

Do ‘Disclosure Day’ Prep With a Spielberg Sci-Fi Marathon

How to Watch the F1 Japanese GP 2026 on a Free Channel

Ranking 2016’s Superhero Debuts, 10 Years Later

Fourth Most Populous Country in the World Bans Most Social Media for Kids

How to watch UFC Fight Night Adesanya vs Pyfer live this Saturday

‘Steel Ball Run’ Will Return This Year…Eventually

‘The Mummy 4’ Is Getting the Family Back Together

Sonos Play Review: Call It a Comeback

Sonos Era 100 SL Review: The Cheapest Way Into Wired Sonos Sound

Asus ROG’s Massive Swift OLED Gaming Monitor Epitomizes Excess in the Best Way

The Ikea Varmblixt Smart Lamp Fills a Donut Hole in My Life

Nothing Headphone A vs. Headphone 1: Which Pair of ANC Wireless Headphones Wins?

Asus ROG’s Cetra Open Wireless Gaming Earbuds Might Be Better Than Wearing a Headset

Nintendo’s Talking Flower Is Annoying as Hell. I Love It

Level Lock Pro Review: As Good as a Secret Smart Lock Gets

Related Articles

Samsung Bespoke AI Refrigerator Wants to Take the Stress Out of the Kitchen

A Foreign Hacker Accessed FBI Files on Epstein Back in 2023: Report

Mozilla Adding ‘Off’ Switch to AI in Firefox

It Turns Out ‘Social Media for AI Agents’ Is a Security Nightmare

You Need to Check Your Wireless Headphones for Updates, Right Now

Hacker Group Extorts Pornhub Over Premium User Data