Mozilla Issues Fix For Firefox Zero-Day Bug

Posted by samzenpus on Friday August 7, 2015 @03:46AM from the the-fix-is-in dept.

An anonymous reader writes: Thursday night Mozilla released a Firefox security patch after finding a serious vulnerability that allows malicious attackers to upload files from a user's computer. The update was released about 24 hours after Mozilla learned of the flaw. In a blog post, Mozilla said, "a Firefox user informed us that an advertisement on a news site in Russia was serving a Firefox exploit that searched for sensitive files and uploaded them to a server that appears to be in Ukraine. This morning Mozilla released security updates that fix the vulnerability. All Firefox users are urged to update to Firefox 39.0.3. The fix has also been shipped in Firefox ESR 38.1.1."

2 of 115 comments (clear)

Min score:

Reason:

Sort:

Open source? by Anonymous Coward · 2015-08-07 03:49 · Score: 0, Flamebait

I thought the consensus here was that open source software was secure? Why do the events of the past year make it appear as if they're as bad or worse?
1. Re:Open source? by mystikkman · 2015-08-07 03:56 · Score: 0, Flamebait
  
  I thought the consensus here was that open source software was secure? Why do the events of the past year make it appear as if they're as bad or worse?
  That is all hogwash FUD and confirmation bias.
  The truth is that there are a few orders of magnitude more effort put in to bash closed source software and hating on Microsoft on online tech boards compared to actual reading of source code to find bugs. Thats we have extremely serious bugs coming out of software like the Linux kernel that are 20 years old.