The latest version of Mozilla’s Firefox browser has been taken offline after a security vulnerability was discovered.  Users who had upgraded to version 16 were advised to downgrade to the previous safe release until Firefox developers released a fix.

The vulnerability allowed “a malicious site to potentially determine which websites users have visited”, Mozilla said.  The non-profit company said that only a “limited number of users are affected”.  The download had been taken offline within a day of its initial release, the organisation’s UK spokesman said.

He added that no users had been upgraded automatically to the new version.  In a blog post, Mozilla’s director of security assurance Michael Coates said a fix was being worked on and should be expected on Thursday.  “At this time we have no indication that this vulnerability is currently being exploited in the wild,” he added.  “Firefox 16 has been temporarily removed from the current installer page and users will automatically be upgraded to the new version as soon as it becomes available.

“As a precaution, users can downgrade to version 15.0.1 by following these instructions. Alternatively, users can wait until our patches are issued and automatically applied to address the vulnerability.”  Firefox was one of the three leading web browsers, with more than 450 million users worldwide, Mozilla said.

In recent months, various figures suggested Chrome had overtaken Firefox’s market share, pushing the Mozilla Foundation’s flagship product into third place in the browser race.

Published by Robert Rutherford