Firefox 0day used against Tor users almost identical to one FBI used in 2013 (ArsTechnica)

There’s a zero-day exploit in the wild that’s being used to execute malicious code on the computers of people using Tor and possibly other users of the Firefox browser, officials of the anonymity service confirmed Tuesday.

Word of the previously unknown Firefox vulnerability first surfaced in this post on the official Tor website. It included several hundred lines of JavaScript and an introduction that warned: “This is an [sic] JavaScript exploit actively used against TorBrowser NOW.” Tor cofounder Roger Dingledine quickly confirmed the previously unknown vulnerability and said engineers from Mozilla were in the process of developing a patch.

Source: SANS ISC SecNewsFeed @ November 29, 2016 at 07:09PM