Update your browser now! Bug allows your phone to be hijacked
September 21, 2020
By Kim Komando
If you’re a fan of online privacy, you’ve probably already made the switch to Mozilla Firefox. The browser comes with a host of useful features that make your sessions less open to advertisers — like blocking third-party cookies by default.
But in spite of these privacy bonuses, Firefox has its own share of problems. There have been several alarming security issues for Firefox in 2020 alone, including a dangerous zero-day glitch. Tap or click here to see how it affected users.
And now, Firefox is back in the news thanks to a newly discovered bug that lets hackers take over your device through the browser. And to make matters worse, it doesn’t just hijack one device but every single device on the same Wi-Fi network! If you or anyone on your network uses Firefox, here’s why you need to upgrade ASAP.
Mozilla wants you to update Firefox right now
Cyberattacks rarely stay in one place. A bad enough exploit can cause a chain reaction that harms one computer after another like falling dominoes. And that’s exactly what’s at stake with a new glitch discovered in Mozilla Firefox that can put your entire network at risk.
Exploitation of LAN vulnerability found in Firefox for Android
— Lukas Stefanko (@LukasStefanko) September 18, 2020
I tested this PoC exploit on 3 devices on same wifi, it worked pretty well.
I was able to open custom URL on every smartphone using vulnerable Firefox (68.11.0 and below) found by @init_string https://t.co/c7EbEaZ6Yx pic.twitter.com/lbQA4qPehq
The bug was discovered by Australian security researcher Chris Moberly, who found the issue within Firefox’s SSDP system. SSDP is used by Firefox to detect other devices on the same network like streaming boxes and external speakers.
But Moberly found something dangerously wrong with SSDP: The system document that stores records of connected devices can be hijacked to execute a command. In a nutshell, this means a hacker could send out malicious files and hijack any device on the same Wi-Fi network. It would be just as easy (and urgent) as opening a link in your browser.
The consequences of this bug are huge, and is another reason why it’s never a good idea to use public Wi-Fi.
Tap or click here to see a safer way to connect to the internet in public.
Following his discovery, Moberly reported the bug to Mozilla in the hopes that it would be fixed. Thankfully, Mozilla delivered, and the latest version of the browser patches the issue completely. Mozilla itself urges any and all users to update as soon as possible.
How do I install the Firefox update and protect myself?
Firefox users with outdated browsers are now at risk thanks to this newly discovered security flaw. Rather than give hackers a chance to exploit it and harm your system, we recommend updating your browser immediately. Not only will you have the patch, but you’ll also be up-to-speed on any additional bug fixes and security patches Mozilla has to offer.
Tap or click here for a cool download that will help you remember your most critical updates.
Updating Firefox is easy, regardless of which device you use. Here’s how to update:
PC:
- Click on the three-line icon in the upper right corner of the browser.
- Select Help, followed by About Firefox.
- If an update is available, you’ll see it on this screen. If not, your browser is already safe and up to date.
Mac
- Click on Firefox in the menu bar and select About Firefox.
- Select Help, followed by About Firefox.
- If an update is available, you’ll see it on this screen. If not, your browser is already safe and up to date.
If you use the mobile version of Firefox, open your device’s app store and search for Firefox. The download page will show an update is available if your device hasn’t already updated automatically.
It can be annoying to update your devices every month, but doing that is much, much easier than dealing with a hacker or malware. At the very least, an update won’t cost you anything other than time (and maybe some minor frustration). Stick with it and your system will be much safer from all manner of threats.
https://www.komando.com/tips/cybersecurity/critical-firefox-update/