SoylentNews is people
SoylentNews
from the update-your-browser-now^W-in-a-release-or-two-when-they-finally-release-a-fix dept.
Actively exploited bug in fully updated Firefox is sending users into a tizzy
Scammers are actively exploiting a bug in Firefox that causes the browser to lock up after displaying a message warning the computer is running a pirated version of Windows that has been hacked.
The message, which appears without any user interaction upon visiting a site, reads:
Please stop and do not close the PC... The registry key of your computer is locked. Why did we block your computer? The Windows registry key is illegal. The Windows desktop is using pirated software. The Window desktop sends viruses over the Internet. This Windows desktop is hacked. We block this computer for your safety.
The message then advises the person to call a toll-free number in the next five minutes or face having the computer disabled.
[...] The attack works on both Windows and Mac versions of the open source browser. The only way to close the window is to force-close the entire browser using either the Windows task manager or the Force Close function in macOS. Even then, Firefox will reopen previously open tabs, resulting in an endless loop. (Update: as a commenter pointed out, restore tabs is turned off by default.) To resolve the problem, users must force-close Firefox and then, immediately upon restarting it, quickly close the tab of the scammer site before it has time to load.
Jérôme Segura, head of threat intelligence at security provider Malwarebytes, said the Firefox bug is being exploited by several sites, including d2o1sv4d11x6bc[.]cloudfront[.]net/firefox/index.html. He said the offending code on the site was written specifically to target the browser flaw.
On Monday, Segura reported the bug to the Bugzilla forum. He said he has since received word Mozilla is actively working on a fix. In a statement sent seven hours after this post went live, a Mozilla representative wrote: ""We are working on a fix to the authentication prompt bug (https://bugzilla.mozilla.org/show_bug.cgi?id=1593795) that we expect to land in the next couple of releases (either in Firefox 71 or 72)."
(Score: 2, Insightful) by Maskawanian on Thursday November 07 2019, @04:03PM (2 children)
That doesn't make sense Pale Moon is just an older version of firefox, it should have the exact same denial of service attack. Pale moon would even be worse for this since they are stuck with the old UI that likely limited updating this in the first place.
(Score: 1, Informative) by Anonymous Coward on Thursday November 07 2019, @06:37PM (1 child)
palemoon is a fork of firefox and its codebase is updated and improved separately from firefox.
See: https://www.palemoon.org/ [palemoon.org]
(Score: 0) by Anonymous Coward on Friday November 08 2019, @12:19AM
Nothing of that invalidated their point. In fact Palemoon does have the same problem. However, it appears the same patch will fix the underlying logic, as the file in question isn't touched too much. Well other than fixing bugs that is. Of course, they don't actually fix the problem, they just hid the prompts unless you are the kind of power user who wants them.
That's it. Other than adding the preference and changing the code comments, that is the whole change.