11 Oct 2012

New Firefox 16 Pulled by Mozilla to Fix Vulnerability


Firefox 16 was temporarily pulled from Mozilla’s installer page to fix a security flaw discovered a day after the official release, according to the company’s blog. The new browser version is scheduled for an update to patch the vulnerability. Mozilla representatives said Firefox version 15 is unaffected.

“The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters,” said Director of Security Assurance, Michael Coates. “At this time we have no indication that this vulnerability is currently being exploited in the wild.”

Firefox users will automatically be upgraded to the new version as soon as it becomes available. In the meantime, they can downgrade to version 15.0.1 if they don’t want to wait until the patches are issued. Mozilla’s browser had approximately a 20 percent share of desktop users in September, less than half the share of Internet Explorer, according to web measurement company Net Applications.

This was the first time Mozilla has pulled a version of Firefox from distribution because of a vulnerability, but not the first re-release of Firefox. In December last year, the company re-launched Firefox 9 a day after it became available online.