Mozilla and Tor have published browser updates to patch a critical Firefox vulnerability used to deanonymize users (via ArsTechnica).

Privacy tool Tor is based on the open-source Firefox browser developed by Mozilla, which received a copy of the previously unknown JavaScript-based attack code yesterday. Mozilla said in a blog post that the vulnerability had been fixed in a just-released version of Firefox for mainstream users.

tor-firefox-logo
The code execution flaw was reportedly already being exploited in the wild on Windows systems, but in an advisory published later on Wednesday, Tor officials warned that Mac users were vulnerable to the same hack.

"Even though there is currently, to the best of our knowledge, no similar exploit for OS X or Linux users available, the underlying bug affects those platforms as well. Thus we strongly recommend that all users apply the update to their Tor Browser immediately."

The exploit is capable of sending the user's IP and MAC address to an attacker-controlled server, and resembles "network investigative techniques" previously used by law-enforcement agencies to unmask Tor users, leading some in the developer community to speculate that the new exploit was developed by the FBI or another government agency and was somehow leaked. Mozilla security official Daniel Veditz stopped short of pointing the finger at the authorities, but underlined the perceived risks involved in attempts to sabotage online privacy.

"If this exploit was in fact developed and deployed by a government agency, the fact that it has been published and can now be used by anyone to attack Firefox users is a clear demonstration of how supposedly limited government hacking can become a threat to the broader Web."

The Firefox attack code first circulated on Tuesday on a Tor discussion list and was quickly confirmed as a zero-day exploit – the term given to vulnerabilities that are actively used in the wild before the developer has a patch in place.

The latest Tor update that fixes the vulnerability is version 6.0.7 and can be downloaded here.

Vanilla Firefox users can download the update to their browser manually from here.

Tags: Apple Privacy, Firefox, Tor Browser

Top Rated Comments

MacBH928 Avatar
MacBH928
118 months ago
I don't know who these people who work to assure our privacy and give us products for free... but thank you!
Score: 6 Votes (Like | Disagree)
Krafty Avatar
Krafty
118 months ago
People still use Mozilla?
Yes, we do.
Score: 5 Votes (Like | Disagree)
Michaelgtrusa Avatar
Michaelgtrusa
118 months ago
Firefox is still a great browser and yes, I still use it.
Score: 4 Votes (Like | Disagree)
Kajje Avatar
Kajje
118 months ago
I've downloaded 50.0.1 this morning, now 50.0.2 is available.
To force upgrade: Open Menu Firefox, About Firefox, there's the update button.
And open the same menu again to restart Firefox.

*** Just going to Firefox.com might show that you've the latest version running, even if you're still on 50.0.1 But you're probably not running the latest version so use the above to upgrade.
Score: 3 Votes (Like | Disagree)
Rigby Avatar
Rigby
118 months ago
Mozilla, please make sure you update your ESR versions as well for those of us who are unable to run you latest release on perfectly good devices.
Firefox ESR 45.5.1 ('https://www.mozilla.org/en-US/firefox/45.5.1/releasenotes/') includes the security fix.
This includes iOS users as well that can't run iOS 9 & 10. Thank you.
I doubt the iOS version is affected, as it uses Apple's Webkit layout engine rather than Mozilla's Gecko (which is used in the desktop version).
Score: 3 Votes (Like | Disagree)
miknos Avatar
miknos
118 months ago
If you need to use TOR, disable javascript.
Score: 3 Votes (Like | Disagree)
Read All Comments

Popular Stories

top stories 2025 12 20

Top Stories: iOS 26.3 Beta, Major Apple Leaks, and More

Saturday December 20, 2025 6:00 am PST by
You'd think things would be slowing down heading into the holidays, but this week saw a whirlwind of Apple leaks and rumors while Apple started its next cycle of betas following last week's release of iOS 26.2 and related updates. This week also saw the release of a new Apple Music integration with ChatGPT, so read on below for all the details on this week's biggest stories! Top Stories i...
Read Full Article17 comments
iPhone Top Left Hole Punch Face ID Feature Purple

iPhone 18 Pro Features Leaked in New Report, Including Under-Screen Face ID

Tuesday December 16, 2025 8:44 am PST by
Next year's iPhone 18 Pro and iPhone 18 Pro Max will be equipped with under-screen Face ID, and the front camera will be moved to the top-left corner of the screen, according to a new report from The Information's Wayne Ma and Qianer Liu. As a result of these changes, the report said the iPhone 18 Pro models will not have a pill-shaped Dynamic Island cutout at the top of the screen....
Read Full Article60 comments
ios 18 security update

Don't Want to Upgrade to iOS 26? Here's How to Stay on iOS 18 [Update: Now Unavailable]

Friday December 19, 2025 10:37 am PST by
Since the beginning of December, Apple has been pushing iPhone users who opted to stay on iOS 18 to install iOS 26 instead. Apple started by making the iOS 18 upgrades less visible, and has now transitioned to making new iOS 18 updates unavailable on any device capable of running iOS 26. If you have an iPhone 11 or later, Apple is no longer offering new versions of iOS 18, even though there...
Read Full Article328 comments
airpods pro 3 new blue

AirPods Pro 3's Static and Noise Issues Haven't Been Resolved

Thursday December 18, 2025 3:44 pm PST by
Since the AirPods Pro 3 launched, there have been complaints from users who have noticed a static-like sound or a crackling issue when using the earbuds, particularly when Active Noise Cancellation is on but no media is playing. Users have also run into strange high-pitched whistling sounds that happen intermittently. We shared the issues back in late October, and despite two subsequent...
Read Full Article90 comments
apple music chatgpt

ChatGPT's Apple Music Integration Is Now Live

Wednesday December 17, 2025 3:50 pm PST by
There's now a dedicated Apple Music app for ChatGPT, which allows ChatGPT to make music recommendations and build playlists. Apple Music can be added to ChatGPT through the Settings section in the Mac app, website, or iOS app. Apple Music is listed under the apps option, and connecting to it requires signing in with your Apple Account for authorization purposes. ChatGPT can be used to...
Read Full Article53 comments
samsung exynos 2600 2nm%402x

Samsung Announces World's First 2nm Mobile Chip Ahead of Apple

Friday December 19, 2025 3:59 am PST by
Samsung has officially unveiled the Exynos 2600, the world's first 2 nanometer mobile system-on-a-chip (SoC), built on the company's Gate-All-Around (GAA) process. The 10-core ARM-based design aims to deliver improved performance and efficiency for flagship devices like the upcoming Galaxy S26 series. The chip uses Arm's latest cores and supports new instructions for improved CPU speed and...
Read Full Article56 comments
apple beta 26 lineup

Apple's 2026 and 2027 Product Roadmap: Foldable iPhone, iPhone 18 Pro, M5 Macs, and More

Tuesday December 16, 2025 4:42 pm PST by
There has been a whirlwind of rumors over the last few days, sourced from leaked internal software designed for the iPhone and the Mac, and news sites like The Information. Below, we have a quick recap of everything we've heard this week, which serves as a guide to Apple's product plans in 2026 and beyond. We've organized the info by likely release date, though there are some products that...
Read Full Article44 comments
iOS 26 Maps Glass

Apple Quietly Discontinued Flyover City Tours in Apple Maps

Thursday December 18, 2025 1:31 pm PST by
Apple Maps no longer offers a Flyover feature that provides users with automated tours of notable landmarks in major cities. The Flyover option appears to have been nixed around when iOS 26 launched, but its removal went largely unnoticed. Flyover city tours were introduced in 2014 with iOS 8 and OS X Yosemite, using Flyover imagery to generate an aerial tour. Most cities with Flyover...
Read Full Article65 comments