Little detail of the problem has been revealed, as it surfaced a few hours ago on the Tor Project mailing list in a post from an anonymous user writing in from the Sigaint dark web email service. That post said the flaw is in active use against users of the Firefox-based Tor Browser.
“It consists of one HTML and one CSS file, both pasted below and also de-obscured.
“The exact functionality is unknown but it’s getting access to VirtualAlloc in kernel32.dll and goes from there.”
The flaw, which appears to leak users’ MAC and IP addresses to external servers, was shipped to Mozilla’s security team, which has located the flaw and is working on a patch, Tor Project lead Roger Dingledine says.
“So it sounds like the immediate next step is that Mozilla finishes their patch for it then … a quick Tor Browser update and somewhere in there people will look at the bug and see whether they think it really does apply to Tor Browser,” Dingledine says.
We’ll update this story as details come to hand. ®
Source: SANS ISC SecNewsFeed @ November 29, 2016 at 06:57PM