{"id":847,"date":"2012-10-10T17:16:48","date_gmt":"2012-10-11T00:16:48","guid":{"rendered":"http:\/\/blog.mozilla.org\/security\/?p=847"},"modified":"2012-10-11T16:55:29","modified_gmt":"2012-10-11T23:55:29","slug":"security-vulnerability-in-firefox-16","status":"publish","type":"post","link":"https:\/\/blog.mozilla.org\/security\/2012\/10\/10\/security-vulnerability-in-firefox-16\/","title":{"rendered":"Security Vulnerability in Firefox 16"},"content":{"rendered":"<blockquote>\n<div id=\"magicdomid28\"><em><strong>Update (Oct 11, 2012)<\/strong><\/em><\/div>\n<div>\n<ul>\n<li><em>An update to Firefox for Windows, Mac and Linux was released at 12pm PT on Oct 11. Users will be automatically updated and new downloads via http:\/\/www.mozilla.org\/firefox\/new\/ will receive the updated version (16.0.1).<\/em><br \/>\n<em><\/em><\/li>\n<li><em>A fix for<em> the Android version of Firefox<\/em> was released at 9pm PT on Oct 10.<\/em><\/li>\n<\/ul>\n<\/div>\n<\/blockquote>\n<div><\/div>\n<div><strong>Issue:<\/strong><\/div>\n<div id=\"magicdomid146\">Mozilla is aware of a security vulnerability in the current release version of Firefox (version 16). We are actively working on a fix and plan to ship updates tomorrow. Firefox version 15 is unaffected.<\/div>\n<div><\/div>\n<p>&nbsp;<\/p>\n<div id=\"magicdomid31\"><strong>Impact:<\/strong><\/div>\n<div id=\"magicdomid32\">The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters.\u00a0 At this time we have no indication that this vulnerability is currently being exploited in the wild.<\/div>\n<div><\/div>\n<p>&nbsp;<\/p>\n<div id=\"magicdomid34\"><strong>Status:<\/strong><\/div>\n<div id=\"magicdomid90\">Firefox 16 has been temporarily removed from the current installer page and users will automatically be upgraded to the new version as soon as it becomes available.\u00a0 As a precaution, users can downgrade to version 15.0.1 by following these instructions [<a href=\"http:\/\/www.mozilla.org\/en-US\/firefox\/new\/\">http:\/\/www.mozilla.org\/firefox\/new\/<\/a>].\u00a0 Alternatively, users can wait until our patches are issued and automatically applied to address the vulnerability.<\/div>\n<div><\/div>\n<div><\/div>\n<p>&nbsp;<\/p>\n<div>Michael Coates<\/div>\n<div>Director of Security Assurance<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Update (Oct 11, 2012) An update to Firefox for Windows, Mac and Linux was released at 12pm PT on Oct 11. Users will be automatically updated and new downloads via &hellip; <a class=\"go\" href=\"https:\/\/blog.mozilla.org\/security\/2012\/10\/10\/security-vulnerability-in-firefox-16\/\">Read more<\/a><\/p>\n","protected":false},"author":1438,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[71,73],"tags":[],"coauthors":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Security Vulnerability in Firefox 16 - Mozilla Security Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.mozilla.org\/security\/2012\/10\/10\/security-vulnerability-in-firefox-16\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"mozilla\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/2012\/10\/10\/security-vulnerability-in-firefox-16\/\",\"url\":\"https:\/\/blog.mozilla.org\/security\/2012\/10\/10\/security-vulnerability-in-firefox-16\/\",\"name\":\"Security Vulnerability in Firefox 16 - Mozilla Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/#website\"},\"datePublished\":\"2012-10-11T00:16:48+00:00\",\"dateModified\":\"2012-10-11T23:55:29+00:00\",\"author\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/70ae25c16f09d053c6d8b5eac29dbda9\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/2012\/10\/10\/security-vulnerability-in-firefox-16\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.mozilla.org\/security\/2012\/10\/10\/security-vulnerability-in-firefox-16\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/2012\/10\/10\/security-vulnerability-in-firefox-16\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.mozilla.org\/security\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security Vulnerability in Firefox 16\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#website\",\"url\":\"https:\/\/blog.mozilla.org\/security\/\",\"name\":\"Mozilla Security Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.mozilla.org\/security\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/70ae25c16f09d053c6d8b5eac29dbda9\",\"name\":\"mozilla\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/image\/98138a294cb6e19a68b02ef8ca9be2dc\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/75d2017e019c87560fe5d148a64659dc?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/75d2017e019c87560fe5d148a64659dc?s=96&d=identicon&r=g\",\"caption\":\"mozilla\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Security Vulnerability in Firefox 16 - Mozilla Security Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.mozilla.org\/security\/2012\/10\/10\/security-vulnerability-in-firefox-16\/","twitter_misc":{"Written by":"mozilla","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/blog.mozilla.org\/security\/2012\/10\/10\/security-vulnerability-in-firefox-16\/","url":"https:\/\/blog.mozilla.org\/security\/2012\/10\/10\/security-vulnerability-in-firefox-16\/","name":"Security Vulnerability in Firefox 16 - Mozilla Security Blog","isPartOf":{"@id":"https:\/\/blog.mozilla.org\/security\/#website"},"datePublished":"2012-10-11T00:16:48+00:00","dateModified":"2012-10-11T23:55:29+00:00","author":{"@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/70ae25c16f09d053c6d8b5eac29dbda9"},"breadcrumb":{"@id":"https:\/\/blog.mozilla.org\/security\/2012\/10\/10\/security-vulnerability-in-firefox-16\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.mozilla.org\/security\/2012\/10\/10\/security-vulnerability-in-firefox-16\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.mozilla.org\/security\/2012\/10\/10\/security-vulnerability-in-firefox-16\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.mozilla.org\/security\/"},{"@type":"ListItem","position":2,"name":"Security Vulnerability in Firefox 16"}]},{"@type":"WebSite","@id":"https:\/\/blog.mozilla.org\/security\/#website","url":"https:\/\/blog.mozilla.org\/security\/","name":"Mozilla Security Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.mozilla.org\/security\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/70ae25c16f09d053c6d8b5eac29dbda9","name":"mozilla","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/image\/98138a294cb6e19a68b02ef8ca9be2dc","url":"https:\/\/secure.gravatar.com\/avatar\/75d2017e019c87560fe5d148a64659dc?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/75d2017e019c87560fe5d148a64659dc?s=96&d=identicon&r=g","caption":"mozilla"}}]}},"_links":{"self":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts\/847"}],"collection":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/users\/1438"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/comments?post=847"}],"version-history":[{"count":0,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts\/847\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/media?parent=847"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/categories?post=847"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/tags?post=847"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/coauthors?post=847"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}