InsightPortal Logo


Zero-Day Bug In Firefox Being Used to Run Malicious Code

The exploit is confirmed to work against multiple Firefox versions.

A zero-day exploit in various versions of Tor and Firefox.  The cofounder of Tor has confirmed that the Mozilla team are currently working on developing a patch. 

The exploit takes advantage of a memory corruption vulnerability, allowing for malicious code execution on Windows. The malicious payload has been identified to be almost entirely identical to a similar Firefox exploit which took place in 2013. Very small segments of the code have been modified to take advantage of the exploit in its current state. The primary target of the exploit is kernel32.dll, a core part of the Windows OS.

The code is entirely written in JavaScript and can affect a very wide range of browser versions, spanning from 41 all the way up to 50, with version 45 ESR being the latest used by Tor browser.

QTF Recommendation: Firefox and Tor users are advised to disable the automatic execution of JavaScript until an official patch for this issue is available. If users require JavaScript to run key web services and applications, we highly recommend temporarily switching to a different browser: Chrome, Edge, Opera or Vivaldi. 


Impact Rating: 3