Firefox fixes critical security vulnerability

Mozilla was busy working on a revised version of Firefox for Android, which is now live in the Beta and Nightly (previously Preview) channels of the browser. If you’re still on Firefox ‘s regular stable version for Android, though, you should update right now.

Firefox 68.10.1 is now running on the Play Store, which fixes a critical vulnerability that theoretically could allow remote web pages to read local files, including cookies from other websites:

RelatedPosts

How to disable in-app purchases on smartphones & tablets

Android devices secret codes – list of custom dialer USSD codes

In 2021, Google will pay Apple $15 billion to be the default search engine in Safari

Android New Feature enables users to operate their phone using facial expressions

Android 12 Beta 4: Notifications not showing due to a bug

Google Pixel 6 is to include a Samsung camera sensor with a resolution of 50 megapixels

A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins.

There are not many public information about how the bug operates, but malicious sites won’t be able to take advantage of it until it’s widely patched, but only the classic Firefox browser will be affected. If you are using the versions Beta or Nightly / Preview, there’s nothing to worry about. Firefox browsers are also unaffected on other systems (Windows, macOS, and so forth).

If you are using the standard Android Firefox, you certainly need to update as soon as possible. The latest version (68.10.1) is already up and running on the Play Store, but you can grab it from APKMirror as well.