Update of the browser is rushed out to fix a vulnerability one day after a new version was released. The lesson: Move fast when mistakes are found
It’s been a bad week for Mozilla, the developer of the Firefox browser. One day after releasing version 16, it had to pull it out of distribution and mend a vulnerability. As this story in PC World outlines, version 16.01 was released Thursday.
According to Mozilla, the vulnerability “could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters.”
There was no sign that this vulnerability is being exploited in the wild, it added. Still, it’s embarassing.
Firefox was release late in 2004 and quickly became an alternative to Microsoft’s Internet Explorer in part because of worries over the way hackers found vulnerabilities in IE. Then Google Chrome came along and made it a three-way race.
Generally, Firefox is seen as a pretty secure browser, which is why news services around the world went to town on this story. There were reports from WebProNews, the BBC, and others.
However, it’s unlikely that Firefox’s reputation will take a hit. The lesson for all software companies is act fast when a vulnerability is pointed out. Mozilla is one of those that has learned the lesson well.
Cisco Secure Mobility Knowledge Hub
This Knowledge Hub provides an end-to-end look at what it takes to discover, plan, and implement a successful Secure Mobility strategy.