Mozilla recently re-released Firefox 16 after pulling the browser when a developer discovered a critical bug that could potentially be used by attackers to hack your computer. Mozilla recently turned on its upgrade servers and began pumping out Firefox 16.0.1 to users who had previously downloaded the flawed web browser and those that were still using Firefox 15 and earlier.
Once the vulnerability was discovered, Mozilla took the Firefox 16 upgrade off of its site, releasing a statement saying that the vulnerability “could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters.”
Since fixing the problem, Mozilla has released more information about the bug, noting it as critical. “Mozilla security researcher ‘moz_bug_r_a4′ reported a regression where security wrappers are unwrapped without doing a security check in defaultValue(),” an accompanying advisory noted. “This can allow for improper access to the Location object. In versions 15 and earlier of affected products, there was also the potential for arbitrary code execution.”
In addition to this problem, the new patch also addressed an issue that allowed access to user information, including Twitter usernames, through Firefox 16. Firefox 16.0.1 fixed a total of four flaws, including two bugs that had caused a large number of crashes on users’ systems.
This isn’t the first time that Mozilla has had to quickly re-release Firefox. The company did this once before back in 2011 with Firefox 9. However, this was the first time that the company pulled Firefox from distribution because of a vulnerability.
As far as popularity goes, Mozilla’s Firefox is in second place with 20% of internet users worldwide using the browser. The only browser with more users is Microsoft’s Internet Explorer. I personally use Google’s Chrome browser, though if you want to know more about browsers and their security, you can learn how changing internet browsers can increase your cyber security.