Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: Tor Browser vulnerability Nov 3 2017 (Mac & Linux)  (Read 2397 times)

0 Members and 1 Guest are viewing this topic.

Salmon Trout

    Topic Starter


    Genius

    Thanked: 930
    • Yes
  • Computer: Specs
  • Experience: Experienced
  • OS: Other
Tor Browser vulnerability Nov 3 2017 (Mac & Linux)
« on: November 04, 2017, 04:08:11 AM »
Slashdot says:

https://it.slashdot.org/story/17/11/03/2127235/tormoil-vulnerability-leaks-real-ip-address-from-tor-browser-users-security-update-released?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Quote
The Tor Project has released a security update for the Tor Browser on Mac and Linux to fix a vulnerability that leaks users' real IP addresses. The vulnerability was spotted by Filippo Cavallarin, CEO of We Are Segment, an Italian company specialized in cyber-security and ethical hacking. Cavallarin privately reported the issue -- which he codenamed TorMoil -- to the Tor Project last week. Tor Project developers worked with the Firefox team (Tor Browser is based on the Firefox browser) to release a fix. Today, the Tor team released version 7.0.9 to address the vulnerability. Tor Browser 7.0.9 is only available for Mac and Linux users. Tor Browser on Windows is not affected.

The issue is actually a Firefox bug in the way the browser handles file:// URLs. While the issue is harmless in Firefox, it's catastrophic in the Tor Browser.

So get updated to 7.0.9.