Update (Oct 11, 2012)
- An update to Firefox for Windows, Mac and Linux was released at 12pm PT on Oct 11. Users will be automatically updated and new downloads via http://www.mozilla.org/firefox/new/ will receive the updated version (16.0.1).
- A fix for the Android version of Firefox was released at 9pm PT on Oct 10.
Issue:
Mozilla is aware of a security vulnerability in the current release version of Firefox (version 16). We are actively working on a fix and plan to ship updates tomorrow. Firefox version 15 is unaffected.
Impact:
The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters. At this time we have no indication that this vulnerability is currently being exploited in the wild.
Status:
Firefox 16 has been temporarily removed from the current installer page and users will automatically be upgraded to the new version as soon as it becomes available. As a precaution, users can downgrade to version 15.0.1 by following these instructions [http://www.mozilla.org/firefox/new/]. Alternatively, users can wait until our patches are issued and automatically applied to address the vulnerability.
Michael Coates
Director of Security Assurance
Laura Brouillette wrote on
mcoates wrote on
ffover9000 wrote on
Pseudonymous Neuron wrote on
Ajnasz wrote on
Scorpion3003 wrote on
mad.madrasi wrote on
silly puppy wrote on
saeed wrote on
Wesley wrote on
Audrey wrote on
Naivity wrote on
Matt A. Tobin wrote on
Gian-Carlo Pascutto wrote on
dav2 wrote on
Powerlord wrote on
A wrote on
Westly wrote on
Zupfis wrote on
Tom wrote on
ken wrote on
Stevo wrote on
Patricia wrote on
Andrew wrote on
Peter wrote on
Hristo wrote on
Gian-Carlo Pascutto wrote on
Chris Coulson wrote on
anon wrote on
Fred wrote on
Julien Boyer wrote on
Glenn wrote on
Danny Moules wrote on
Glenn wrote on
Granjow wrote on
j-boo wrote on
Paco Martinez wrote on
Martin wrote on
lolo wrote on
Scouter Scot wrote on
Chris wrote on
Ben wrote on
Boka wrote on
Ant wrote on
JaSK wrote on
Tom Kane wrote on
Ingo-Hanno Minke wrote on
Ingo-Hanno Minke wrote on
James wrote on
Sean wrote on
Andrew wrote on
Mike wrote on
Andy wrote on
Bryan Price wrote on
mcoates wrote on
Vik wrote on
Henry wrote on
mcoates wrote on
May wrote on
stoney wrote on
mcoates wrote on
stoney wrote on
Valentin G. wrote on
Melvin Alvarez wrote on
Critic wrote on
Wolfgang D. wrote on
Bob wrote on
StephanieX wrote on
Help wrote on
mcoates wrote on
Andreas wrote on
mcoates wrote on
Eurythrace wrote on
j-boo wrote on
io wrote on
tlr wrote on
j-boo wrote on
Daniel wrote on
Rajesh wrote on
Andy Scott wrote on
Joe King wrote on
mcoates wrote on
Jan Schejbal wrote on
Jesse Ruderman wrote on
Firefoxed wrote on
mcoates wrote on
Firefoxed wrote on
Hans wrote on
osos wrote on
tony wrote on
jh wrote on
tony wrote on
tony wrote on
Eurythrace wrote on
tony wrote on
tony wrote on
Eurythrace wrote on
Wilbur wrote on
Ricz wrote on
Shailesh wrote on
The oldie wrote on
Bryan Price wrote on
Jesse Ruderman wrote on
msth67 wrote on
pieroxy wrote on
Seen wrote on
mcoates wrote on
A pissed off user. wrote on
Dave wrote on
John Meloche wrote on
Slightly Sarcastic wrote on
gs wrote on
gharlane wrote on
ffuser wrote on
Aron wrote on
Daniel Veditz wrote on
Ben Reaves wrote on
zbravo wrote on
mr peabody wrote on
Jim wrote on
Jim Russell wrote on
Scott wrote on
Another Pissed Off User wrote on
Another Pissed Off User wrote on
Bart Benus wrote on
john o neill wrote on
Jesse Ruderman wrote on
Security Code is blank, no image wrote on
Security Code is still blank, still no image wrote on
Firefox Fanatic wrote on
Cylon wrote on
Markus wrote on
josh wrote on
mcoates wrote on
Jonau wrote on
pieroxy wrote on
TubeLugs wrote on
Mase wrote on
Daniel Veditz wrote on
Mase wrote on
Daniel Veditz wrote on
Mase wrote on
hillbilleter wrote on
Rafael wrote on
Raj wrote on
João Dantas wrote on
Matthew Atkinson wrote on
David wrote on
puru singh wrote on
Aunty wrote on
Mystery Man wrote on
Don wrote on
Rod F wrote on
Dave Steckel wrote on
Robert Kann wrote on