Firefox fixes critical security vulnerability

firefox for android

Mozilla was busy working on a revised version of Firefox for Android, which is now live in the Beta and Nightly (previously Preview) channels of the browser. If you’re still on Firefox ‘s regular stable version for Android, though, you should update right now.

Firefox 68.10.1 is now running on the Play Store, which fixes a critical vulnerability that theoretically could allow remote web pages to read local files, including cookies from other websites:

A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins.

There are not many public information about how the bug operates, but malicious sites won’t be able to take advantage of it until it’s widely patched, but only the classic Firefox browser will be affected. If you are using the versions Beta or Nightly / Preview, there’s nothing to worry about. Firefox browsers are also unaffected on other systems (Windows, macOS, and so forth).

If you are using the standard Android Firefox, you certainly need to update as soon as possible. The latest version (68.10.1) is already up and running on the Play Store, but you can grab it from APKMirror as well.