Insightful &
Helpful Articles

Here is what we're working on and
thinking at Hedgehog security.

Firefox versions prior to 39.0.3 harbour a serious vulnerability.

Mozilla has announced a critical file access and privilege escalation vulnerability (aka CVE-2015-4495) in the embedded PDF viewer in all Firefox versions prior to the latest release (39.0.3) which is already reported as be being exploited in the wild.

The observed exploitation has been seen to show interest in targeted technical and systems information of more interest to software developers than of any intrinsic value in itself, seeking out the user, database and system application configurations. Obviously future payloads may change to target other information or activities, as the vulnerability allows the attacker to gain system-level privileges, but at present, the intent appears to be reconnaissance - presumably as foundation work in guiding and developing future targeted or broader scale attacks of a different nature.

Mozilla advises all Firefox users to upgrade immediately and goes on to state that the attack 'leaves no trace it has been run on the local machine' and users of Windows or Linux should consider changing all passwords associated with their browser, and local users and system applications. There is no current evidence of Mac Firefox users having been actively targeted but, of course, this is no guarantee.