Tor Browser has updated to version 8.5.2, to address a critical security flaw in Mozilla’s Firefox browser that is under active exploit in the wild.
The critical flaw (CVE-2019-11707) is a type confusion vulnerability in the Array.pop, which is an array method that is used in JavaScript objects in Firefox. The vulnerability, which was disclosed and patched earlier this week, enables cybercriminals to take full control of systems running the vulnerable Firefox versions.
The issue affects Tor, since, as its founders said back in 2016, Firefox is at the heart of the privacy-focused onion browser.
