Mozilla has pushed a new update to patch the infamous Firefox zero-day. Developers at the Mozilla Foundation have also updated Tor browser to address the security issue that was unmasking private browsing experience.
Soon after its debut on Firefox, the vulnerability was posted to a public Tor Project mailing list. It appeared to be developed by a law enforcement agency.
“The exploit, in this case, works in essentially the same way as the ‘network investigative technique’ used by FBI to deanonymise Tor users. This similarity has led to speculation that this exploit was created by FBI or another law enforcement agency,” Mozilla security official Daniel Veditz wrote in a blog post.
The security hole was enabling attackers to send the target’s IP and MAC address to their central servers.