Developers with both Mozilla and Tor have published browser updates that patche a critical Firefox vulnerability being actively exploited to deanonymize people using the privacy service.
“The security flaw responsible for this urgent release is already actively exploited on Windows systems,” a Tor official wrote in an advisory published Wednesday afternoon. “Even though there is currently, to the best of our knowledge, no similar exploit for OS X or Linux users available, the underlying bug affects those platforms as well. Thus we strongly recommend that all users apply the update to their Tor Browser immediately.”
The Tor browser is based on the open source Firefox browser developed by the Mozilla Foundation. Mozilla officials on Tuesday released version 50.0.2 for the mainstream users of Firefox. According to the release notes, it includes a fix for the vulnerability, which is rated as critical.