Mozilla 'temporarily' pulls Firefox 16 to address security flaw

Out in the wild just a day, the new browser version is expected to get an update tomorrow to fix an apparently serious vulnerability.


Just a day after its debut, Firefox 16 has been "temporarily removed" from Mozilla's installer page while it addresses what is apparently a serious security flaw in the browser's latest version.

"The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters," Michael Coates. Mozilla's director of Security Assurance, said on the company's security blog. "At this time we have no indication that this vulnerability is currently being exploited in the wild."

Mozilla is currently working on a fix it expects to ship to users tomorrow, Coates said. But in the meantime, Mozilla is recommending that users downgrade to version 15.0.1, which he said was unaffected by the flaw.

"Alternatively, users can wait until our patches are issued and automatically applied to address the vulnerability," Coates wrote.

The new version of the Web browser landed yesterday with support for HTML5, indicating that Mozilla has decided it has matured enough to run in the browser without causing instability. The new version includes CSS3 Animations, Transforms, Transitions, Image Values, Values and Units, and IndexedDB.

About the author

Steven Musil is the night news editor at CNET News. Before joining CNET News in 2000, Steven spent 10 years at various Bay Area newspapers.


Discuss Mozilla 'temporarily' pulls Firefox 16 to...

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Articles from CNET
Samsung plans price cut for Galaxy S6, S6 Edge